Author – Michelle Lagos
This answer begins with a series of simple questions:
Does your website collect visas? Forms? Personal information? Like subscribe options info while making appts.? Website or Google Analytic tracking?
Because of that, do you have a Private Policy page in your website that’s linked in an area where every viewer can easily see it? Like the footer?
If you don’t, you need to speak with your attorney and get that taken care of. We’re happy to get it placed correctly on your website when you do. Running any risks in a very sue-happy period of history, isn’t worth the risk, for the reasons stated below:
Why? There are global laws regarding how data is collected that must stay under the data compliance for the GDPR, CCPA, LGPD and other regulations that are typically applied state by state so making quick copies off the internet may not correctly apply to your business activities.
Here’s an Oregon example that occurred 2017 that’s was a state-wide decision in 2017:
On May 25, 2017, Oregon Governor Kate Brown signed into law H.B. 2090. This new law makes materially inaccurate claims related to the collection, use, disclosure, maintenance, and disposal of consumer data an unlawful trade practice subject to enforcement by the Attorney General. Ouch!
The law applies not only to claims made on websites (privacy policies come to mind), but also in consumer agreements (ISP and cloud hosting agreements). So, being clear and upfront of how information is used and stored isn’t an option anymore, just like being ADA Compliant isn’t either. (See the GLN ADA COMPLIANCE blog for more details).