Privacy Policies — Do Writers Need One?

Privacy policies are not really a publishing law topic but it is something every writer should consider.

I am not talking about that WRITER AT WORK–DO NOT DISTURB sign on the door sort of privacy policy. Nor am I talking about your rule to use resting bitch face only when a fan approaches at an inappropriate time, like during a romantic dinner with your special someone (it happens, you know, and at the oddest times). The privacy policies of this article are the legal statements found on websites and blogs. Most people have seen them, tiny privacy policy links in the website’s footer. And I would venture to say that most have never opened the link and read the privacy policy page.

What is a privacy policy?

A privacy policy (also known as a privacy statement, privacy notice, privacy information, or privacy page) informs people who use your website or read your blog or buy your products on-line what personal information you collect, how you intend to use it, and how you safely store it.

Do writers need a privacy policy?

If you are a writer then most likely you have a website (or intend to eventually). It probably has a contact form for a newsletter with information or advice. You might have a blog, where you or others contribute with helpful articles. You could be selling goods or services with an e-commerce store. And your website might even be providing advertising space from third parties. Most of these examples collect personal information. If so, regardless of the platform used (website, blog, e-commerce store, mobile or desktop app), then you need a privacy policy.

Why? Because without one you put yourself at risk of being sued. While the laws vary from state to state, California has some of the strictest privacy policies for anyone who collects a website user’s personal data (see these links for more info about CalOPPA, the California Online Privacy Protection Act). If you have an e-newsletter, or an e-commerce business, or a blog with a sign-up, you probably have collected data from someone in California. Therefore, even if you operate your website from another state, collecting personal information from anyone in California requires you to comply with California’s privacy policy laws. In other words, CYA and get a privacy policy.

If your website is purely informative and collects no personal data from users then congratulations. You do not need a privacy policy and you have saved yourself three hours of time.

What qualifies as personal information?

The type of data considered personal information varies from state to state. Usually, the term is defined as including: names, USPS mail addresses, email addresses, IP addresses, browser cookies, phone numbers, user IDs, passwords, credit card information, financial data, photographs, and social security numbers. Basically, personal information is anything that would help identify a user of your website. This does not mean that all the data collected from users of your website qualifies as personal information. However, do not assume anonymous data like navigation history and the type of data collected by Google Analytics is not considered personal. Often, such data when used in connection with other data can be tracked back to an individual, thus it may be considered personal information.

What must a privacy policy contain?

What to include in your privacy policy, depends on what type of personal information your website collects and what you do with it. But for starters, every privacy policy should include a few basic items.

State clearly:

  1. what type of data your website collects from a user–names, addresses, credit card numbers, phone numbers, etc.;
  2. why the data is being collected;
  3. what you intend to do with the data collected (how it is used, how it is shared); and
  4. provide assurances that users’ personal data remains secure.

Of course, personal data changes or users sometimes make mistakes when entering their personal data on-line. Provide a means for users to see the personal data your website has collected, as well as a means for correcting any errors or changes. For example, a Sidebar Saturdays’ user can send us an email to correct errors or make changes. Also, the sign-up process provides a notice to the user about what information we collected, what to do in case of errors, and how to access it for changes.

Provide users the ability to opt-out of giving certain information if possible. Also, always have the ability to unsubscribe or delete their information if so desired.

While I have talked about this before, if your website is directed toward children under 13, then your website and privacy policy must be COPPA compliant. COPPA, or the Children’s On-line Privacy Protection Act, requires notice be given to parents, and getting their verifiable consent, before collecting, using, or disclosing their child’s personal information (see my earlier Sidebar Saturdays article for more information about COPPA compliance). If you are not collecting information from children under 13, note this in your privacy policy and that your information collection process is COPPA compliant.

How to write your privacy policy?

There are plenty of examples of privacy policies online. I would start with an author or blog that you admire. Review those privacy policies for content and form. Here is a link to Sidebar Saturdays’ privacy policy or click the link in the website footer.

Also, there are plenty of downloadable templates on-line. But do not cut and paste from something already written. It is important that your privacy policy be tailored to your specific use and needs. If you need help, consult a lawyer to draft a privacy policy best fitted for you and your website.

Good luck. And may your privacy policy be ever in your favor. Can you tell…I have been reading The Hunger Games, again.

 


Photo Credit: hyku | Visualhunt | CC BY

 

Legal Disclaimer: This information is provided for educational purposes only. Consult a qualified lawyer in your jurisdiction for all legal opinions for your specific situation. See the disclaimer link in the footer of our website for more information.

Scroll to Top