You may have heard about the strict privacy regulations in the European Union, such as the General Data Protection Regulation (GDPR). They are the main reason for those annoying “cookie notices” at the bottom of many websites. What is less well known is the number of privacy laws that have been passed in the US, with several more in the legislative pipeline. These include:
- California Online Privacy Protection Act of 2003 (“CalOPPA”)
- California Consumer Privacy Act (“CCPA”)
- Nevada Revised Statutes Chapter 603A
- Delaware Online Privacy and Protection Act (“DOPPA”)
- Virginia Consumer Data Protection Act (“VCDPA”)
- Colorado Privacy Act
- Utah Consumer Privacy Act
- Connecticut SB6
While the details of these laws differ, all of them require qualifying websites to disclose how they collect and use site visitor information. And to be clear, if your website has a contact form or newsletter sign up, you are collecting information from your visitors. As with the GDPR, state laws apply to businesses when residents of that state visit a website, regardless of where the website’s business is physically located. This means that a business in Nebraska can be in violation of a Utah law, triggered by a visit from a Utah resident.
- What information about visitors you collect. (e.g. name, email, physical address, credit card information, etc.).
- How you obtain this information. Does the visitor provide it themselves, or is it gathered automatically?
- The reason for requesting personal information.
- How you store and protect information you have collected.
- Who has access to your information? This includes things like email newsletter services, analytics software and other third party tools.
What about the privacy built into WordPress?
While the WordPress guide provides a good overview, it does not help you determine what privacy laws apply to you, nor does the template state what privacy laws it helps you to comply with. As with other generators, it will be your responsibility to keep the policy page up to date if your policies or the applicable laws change.
Our chosen solution
After considering various options, Webdancers has selected the Termageddon policy generator to offer our clients. Their President, Donata Stroink-Skillrud, is the chair of the ePrivacy Committee of the American Bar Association, so they know a thing or two about the application of privacy laws globally.
Using a simple Q&A process, Termageddon identifies the privacy laws that apply to you, generates the disclosures required under these laws, and automatically updates your policies whenever these laws change (or when new ones go into effect). In addition to privacy policies, Termageddon also generates Terms and Conditions, Cookie Policies, EULAs and Disclaimers. Cookie consent controls are also provided for those sites that need them.
Webdancers’ management clients may contact us about having Termageddon installed on their sites.