FB Pixel

The Two Policies That Every Website Needs

There’s a reason why two-thirds of businesses have a website — great websites generate leads. And in order to generate leads that can be easily captured, it makes sense that a website would have a contact form that collects personal information such as name, email and phone number. While a contact form is a must-have feature for a website, it can also open your clients up to liability.

Lawmakers have recently embarked on a new journey by proposing and passing laws that protect the private information of consumers by requiring Privacy Policies on websites. And it doesn’t end there, the concept of social sharing is taking off as well.

Companies want to connect to their prospects on all platforms to ensure that they are always kept at the top of mind. It’s difficult to find a website now that does not have links to social media. However, having links to third party sites such as Facebook or Twitter can also open your clients up to liability if the consumer’s rights are not respected on such websites. That’s why it’s imperative that your clients have Terms of Service as well.

In this article, you’ll learn why every website that you build should have a Privacy Policy and Terms of Service

Requirement Number One: Privacy Policy

close curtain GIF

A Privacy Policy is an agreement that specifies what personal information is collected on a website, how that information is used and who it is shared with. Personal information includes any information that relates to an identified person such as a name, email or phone number — the kind of information that is usually collected via contact forms or email newsletter sign-up forms. Most websites that collect such personal information are actually required by law to have a Privacy Policy.

In particular, the following laws may require your clients to have one: 

  • General Data Protection Regulation; 
  • California Online Privacy Protection Act of 2003; 
  • California Consumer Privacy Act; and 
  • Nevada Chapter 603A and SB220. 

The tricky part of these laws is that they do not necessarily govern just the businesses of that state. The goal of the laws is to protect consumers residing in those states and that means the laws may apply to businesses outside of the EU, California or Nevada, to encompass any business in the United States. Consumers don’t search for websites by location of the business, they search for what they need. This means that businesses in Illinois, Alaska or Florida need to have protections in place. 

These laws require websites that collect personal information to have a Privacy Policy and noncompliance can lead to heavy fines and penalties. Furthermore, many additional states are proposing their own versions of privacy laws (e.g. New York, Washington, and Minnesota, just to name a few) which would require businesses to have a Privacy Policy and would impose their own requirements on what that Privacy Policy needs to contain. 

The most important part to remember is that any website that has a contact form or an email newsletter form needs a Privacy Policy. 

Requirement Number Two: Terms of Service

Terms of Service is an agreement that specifies the rules that one must abide by to use a website and often includes liability limitations that protect a business from bad actors or something going wrong. While Terms of Service is not required by law, it is a crucial part of protection.

Let’s take an example:

You are building a website for a client who wants to have links to their social media accounts such as Facebook or Twitter. If a user goes from your client’s website to Facebook or Twitter and his or her rights are abused by those companies or if they get a virus, they could potentially blame your clients for this.

In fact, there was a recent case where a website owner was held jointly responsible for Facebook’s data processing under GDPR since he had a link to Facebook on his website. Facebook was just fined $5 billion by the Federal Trade Commission for their poor privacy practices.

Privacy policies can earn you recurring revenue shock

If there is anything that can be said for certain, it’s that your clients would not want to participate in that type of a fine. Having Terms of Service would help protect them from such mishaps. 

Terms of Service is also helpful to answer common end-user questions for eCommerce websites such as “what is your refund policy”, “can I cancel my order” and “what do I need to do to receive a refund?” If your clients have a website that allows users to sign up for accounts, Terms of Service also will help your clients ensure that they have full control of those accounts and can delete them in case of abuse. 

Lastly, Terms of Service will help ensure that your clients’ intellectual property rights are protected and that users are put on notice that everything on the website is copyrighted. What’s most important to remember here is that every website needs Terms of Service to ensure protection from lawsuits, penalties and the theft of intellectual property. 

How to Educate Your Clients

As a web industry professional, your clients look to you for advice and recommendations on all things web. They may not have heard about the new laws that have been passed, they may not be aware that they collect personal information on their website or they may not know how to protect their business online.

It is up to you to educate them about the importance of Privacy Policies and Terms of Service to make sure that they get the best service that they can from you. Also, it doesn’t hurt to document this in case they do not take your advice and then end up getting themselves into trouble! 

There are a few points in time where you may want to broach this subject with your client: 

    1. When you are first quoting out the project
      Certain laws require websites that collect personal information to have proper consent captures in contact forms or they even require that websites abide by privacy by design principles. Furthermore, data minimization requires websites to collect the minimum amount of information that is actually needed by the business. Since privacy concerns may affect the design and features of the website that you are building, it is smart to bring this subject up when you first quote out the project as your work may be affected by these concepts.
    2. Prior to launching a website
      Hopefully, the website that you built starts bringing in leads as soon as it launches. However, this also means that users will be submitting contact forms and giving their personal information to your client. This means that a Privacy Policy and Terms of Service should be on the website on launch day. If you are worried about how getting these documents may affect the launch day (as in, delay it), make sure that you suggest a solution that takes very little time to set up and implement.
    3. When you sign up your client for a maintenance/care plan 
      If you have already built and launched the website or if you are inheriting a website from a previous developer and are signing your client up for a maintenance plan, include these policies in your plan to make sure that your clients are protected. 

While you would obviously want to get these policies for your clients as early in the game as possible, it’s better that you suggest them, even if a bit late, than not suggest them at all. It is also important to remember that your clients may be asking you for advice on what to do for a Privacy Policy or Terms of Service and it’s important that you are ready with an answer. 


Donata Kalnenaite

Donata Kalnenaite

Donata Kalnenaite is the President of Termageddon, a Privacy Policy and Terms of Service generator that automatically updates its policies whenever the laws change. She is the engineer behind the policy questions and text. She is a licensed attorney and certified information privacy professional. She often volunteers at the Illinois State Bar Association holding courses on the General Data Protection Regulation where she teaches other attorneys on the importance of privacy and what Privacy Policies should contain. Nothing in this post is intended to be, nor should be construed as legal advice.

You’ll be joining a community of highly-vetted digital agencies and web professionals with one common goal — growth! Learn more. 


The Landing Page Builds service includes:

  • Unlimited page builds for one monthly rate
  • Dedicated account manager
  • Dedicated WordPress developer
  • At least 2 hours of daily dev time
  • Daily progress reports
  • Find out more here

The Content Edits Plan includes:

  • Unlimited content edits
  • White label help desk
  • Support ticket dashboard
  • 24/7 team of WordPress experts
Plus, everything in our Maintenance Plan:
  • Visual Validator WordPress updates
  • 90 days of off-site backups
  • Daily security scans and malware cleanup
  • Maintenance dashboard
  • Find out more here

The Maintenance Plan includes:

  • Visual Validator WordPress updates
  • 90 days of off-site backups
  • Daily security scans and malware cleanup
  • Maintenance dashboard
  • Find out more here