No Privacy Policy? Big Mistake & Here's Why

Business.com / Legal / Last Modified: February 22, 2017

Privacy policy and terms of service pages are a must on all site. See how not having those pages can hurt your site.

How many times have you scrolled through the legal gibberish in a lengthy Terms of Service agreement, eyes glazing over, only to blindly click the "Accept" button at the end, all without successfully reading a single word? Let's be honest- the answer is most likely "many times."

If you use one of Google's many products, however, it is highly encouraged that you go back and thoroughly read their TOS (especially if you're a webmaster utilizing any Google services) because you may be in violation of their terms. And, as with any Google violation, you can be punished accordingly (Tweet This!).

Related:What You Need to Know About Advertising Injury Coverage

Punishment could mean banishment from the Google service whose terms you have violated-as in the 2011 case of a 10-year-old boy who signed up (underage, according to Google TOS) for Gmail; his account, and all information contained therein, was deleted. For webmasters, that kind of loss could be catastrophic.

So What's the Violation?

One of the most commonly overlooked portion of Google's many different Terms of Services is actually a sibling of the TOS itself: the privacy policy.

A privacy policy a legal statement that discloses the ways in which the website collects, uses and/or shares data about its users, most often posted with or alongside the website's Terms of Service.

Alarmingly, this important legal disclosure is absent from websites that do, in fact, collect user data, such as through retail sites or even mailing lists. The privacy policy, along with a comprehensive Terms of Service agreement, is an integral page on any website to protect not only the consumers, but yourself (Tweet This!).

When and Where You Need One

Under section 7 ("Privacy") of Google Analytic's Terms of Service, it clearly states that every website using its service must have a comprehensive privacy policy, which "must provide notice of [the website's] use of cookies that are used to collect data. [The webmasters] must disclose the use of Google Analytics, and how it collects and processes data."

Other Google services that require the website (i.e., you) to post a privacy policy include:

  • AdMob, mobile advertising platform
  • AdSense, online advertising program
  • AdWords, via remarketing
  • Cloud Storage, including App Engine
  • Maps/Google Earth APIs

For each of these services, the privacy policy requirement differs. It's a lot to read, yes, but consider the consequence: a swift boot to the rear that takes you off of Google's coveted SERPs. The privacy policy should be easily accessible from the home page of the website, so as to comply with any state or U.S. laws (Tweet This!).

Related:Getting Out of the Google Penalty Box

Not Just Google-It's the Law

Speaking of which, while privacy policies are required by Google, even websites that do not utilize any of the Internet behemoth's services may be legally required to post a privacy policy.

Online privacy has been a hot-button issue, especially in regard to protecting consumers and their children, as well as minimizing identity theft; advertisers can see these laws as a hindrance, however, as technological advancements make data more easily attainable and measurable.

Both federal and state laws have passed that require Privacy Policies on specific websites:

  • Children's Online Privacy Protection Act (COPPA): A federal law, with revisions in effect as recently as July 2013, that seeks to protect the online privacy and safety of children 13 and under. Under this law, websites whose content is directed towards children and that collects personal information must post a clear and comprehensive privacy policy.
  • Gramm--Leach--Bliley Act (Financial Services Modernization Act of 1999): Directed towards financial institutions, this law reaches beyond the Internet. However, the intention is the same: if your business provides any sort of financial service, you must include a privacy policy.
  • California Online Privacy Protection Act of 2003 (OPPA): A California law whose scope goes beyond state lines, OPPA requires commercial sites that gather personally identifiable information (PII) about its users in the state to post a privacy policy that is accessible via the homepage.
  • Health Insurance Portability and Accountability Act (HIPAA): Health-related websites, such as insurance providers, are moving many of their services to the Web. This law requires that the privacy policy must be downloadable on the website.

Related:Local Online Marketing Strategies Your Small Business Should be Doing

Beyond Simply "Complying"

But beyond simply being "required" to post one, a privacy policy to a consumer is a sign that the website is aware of its users' security. With the recent Heartbleed security bug scare, Internet users are even more aware of how their data is collected. In addition to Google's approval-which is of course important-you need the consumers' approval.

(Image via freeditigalphotos.net)

Login to Business.com

Login with Your Account
Forgot Password?
New to Business.com? Join for Free

Join Business.com

Sign Up with Your Social Account
Create an Account
Sign In

Use of this website constitutes acceptance of the Terms of Use, Community Guidelines, and Privacy Policy.

Reset Your Password

Enter your email address and we'll send you an email with a link to reset your password.

Cancel