Why do I need a privacy policy?
If your website has an inquiry form or collects emails for a newsletter, then you need a privacy policy. Websites that ask for a name and email address are collecting Personally Identifiable Information (PII) and need to not only have a compliant Privacy Policy, but also need a strategy to keep their policy up to date when these laws are added or changed.
The privacy policy is also required to use many Google services such as Analytics, Maps, and YouTube videos, and is listed in the Google Terms and Conditions.
Here are some instances when your website would require a privacy policy:
- A website that has a contact form
- A website that has an email newsletter sign-up form
- A website that uses Google pay-per-click advertising
- A website that has Google Analytics visitor tracking installed
- A website that has a Google Map on the contact page
- A website that has YouTube videos embedded
- An eCommerce website where users can make purchases
Additionally, websites that take actions or provide information that the website owner could be held responsible for in case something goes wrong, may also need a Disclaimer to help lessen that responsibility:
- A website that participates in affiliate programs
- A website that advertises third-party products or services
- A website that sells or displays health products
- A website that provides health or fitness advice
- A website that provides information that could be seen as legal advice
In summary, if you would like to establish trust and legitimacy with your website visitors, limit your liability, and comply with Google Terms of Service, it is important to have the proper documentation listed on your website.
In Canada, the PIPEDA or Personal Information Protection and Electronic Documents Act provides a variety of privacy rights to Canadians pursuant to protecting their personal information. Like the General Data Protection Regulation (“GDPR”), the PIPEDA emphasizes the need for organizations to effectively and clearly convey their personal information management practices to consumers. As such, Privacy Policies must be consistent with PIPEDA’s fair information principle for “openness,” allowing Canadians to be fully informed in making sound decisions regarding the collection and disclosure of their personal information.
Privacy policy in Canada is legislated by the federal government, however Alberta adheres to the Personal Information Protection Act (PIPA) most recently updated in 2016. PIPA provides individuals with the right to request access to their own personal information while providing private sector organizations with a framework for conducting the collection, use and disclosure of personal information.