There’s a reason why two-thirds of businesses have a website — great websites generate leads. And in order to generate leads that can be easily captured, it makes sense that a website would have a contact form that collects personal information such as name, email and phone number. While a contact form is a must-have feature for a website, it can also open your clients up to liability.
Lawmakers have recently embarked on a new journey by proposing and passing laws that protect the private information of consumers by requiring Privacy Policies on websites. And it doesn’t end there, the concept of social sharing is taking off as well.
Companies want to connect to their prospects on all platforms to ensure that they are always kept at the top of mind. It’s difficult to find a website now that does not have links to social media. However, having links to third party sites such as Facebook or Twitter can also open your clients up to liability if the consumer’s rights are not respected on such websites. That’s why it’s imperative that your clients have Terms of Service as well.
In particular, the following laws may require your clients to have one:
- General Data Protection Regulation;
- California Online Privacy Protection Act of 2003;
- California Consumer Privacy Act; and
- Nevada Chapter 603A and SB220.
The tricky part of these laws is that they do not necessarily govern just the businesses of that state. The goal of the laws is to protect consumers residing in those states and that means the laws may apply to businesses outside of the EU, California or Nevada, to encompass any business in the United States. Consumers don’t search for websites by location of the business, they search for what they need. This means that businesses in Illinois, Alaska or Florida need to have protections in place.
Requirement Number Two: Terms of Service
Terms of Service is an agreement that specifies the rules that one must abide by to use a website and often includes liability limitations that protect a business from bad actors or something going wrong. While Terms of Service is not required by law, it is a crucial part of protection.
Let’s take an example:
You are building a website for a client who wants to have links to their social media accounts such as Facebook or Twitter. If a user goes from your client’s website to Facebook or Twitter and his or her rights are abused by those companies or if they get a virus, they could potentially blame your clients for this.
In fact, there was a recent case where a website owner was held jointly responsible for Facebook’s data processing under GDPR since he had a link to Facebook on his website. Facebook was just fined $5 billion by the Federal Trade Commission for their poor privacy practices.
If there is anything that can be said for certain, it’s that your clients would not want to participate in that type of a fine. Having Terms of Service would help protect them from such mishaps.
Terms of Service is also helpful to answer common end-user questions for eCommerce websites such as “what is your refund policy”, “can I cancel my order” and “what do I need to do to receive a refund?” If your clients have a website that allows users to sign up for accounts, Terms of Service also will help your clients ensure that they have full control of those accounts and can delete them in case of abuse.
Lastly, Terms of Service will help ensure that your clients’ intellectual property rights are protected and that users are put on notice that everything on the website is copyrighted. What’s most important to remember here is that every website needs Terms of Service to ensure protection from lawsuits, penalties and the theft of intellectual property.
How to Educate Your Clients
As a web industry professional, your clients look to you for advice and recommendations on all things web. They may not have heard about the new laws that have been passed, they may not be aware that they collect personal information on their website or they may not know how to protect their business online.
It is up to you to educate them about the importance of Privacy Policies and Terms of Service to make sure that they get the best service that they can from you. Also, it doesn’t hurt to document this in case they do not take your advice and then end up getting themselves into trouble!
There are a few points in time where you may want to broach this subject with your client:
- When you are first quoting out the project
Certain laws require websites that collect personal information to have proper consent captures in contact forms or they even require that websites abide by privacy by design principles. Furthermore, data minimization requires websites to collect the minimum amount of information that is actually needed by the business. Since privacy concerns may affect the design and features of the website that you are building, it is smart to bring this subject up when you first quote out the project as your work may be affected by these concepts.
- Prior to launching a website
- When you sign up your client for a maintenance/care plan
If you have already built and launched the website or if you are inheriting a website from a previous developer and are signing your client up for a maintenance plan, include these policies in your plan to make sure that your clients are protected.
- When you are first quoting out the project