Avoid privacy-related fines

privacy policy

If your website has a contact form, you need to have a Privacy Policy in place and keep it up to date as new disclosures become required by law. Websites that ask for a ‘name’ and ’email’ address on a contact form are collecting Personally Identifiable Information (PII) and need to not only have a compliant Privacy Policy, but also need a strategy to keep their policy up to date when these laws are added or changed.


Websites that collect Personally Identifiable Information are required to have a Privacy Policy:

  • An eCommerce website where users can make purchases
  • A website that has a contact form
  • A website that has an email newsletter sign-up form
  • A website that uses Google pay-per-click advertising
  • A website that has Google Analytics visitor tracking installed
  • A website that has a Google Map on the contact page
  • A website that has YouTube videos embedded


Additionally, websites that take actions or provide information that the website owner could be held responsible for in case something goes wrong, may also need a Disclaimer to help lessen that responsibility:

  • A website that participates in affiliate programs
  • A website that advertises third-party products or services
  • A website that sells or displays health products
  • A website that provides health or fitness advice
  • A website that provides information that could be seen as legal advice


In summary, if you would like to avoid fines and lawsuits, limit your liability, maintain control of your website, protect your intellectual property, and provide legitimacy to your website visitors, it is important to have the proper documentation listed on your website.


In Canada, the PIPEDA or Personal Information Protection and Electronic Documents Act provides a variety of privacy rights to Canadians pursuant to protecting their personal information. Like the General Data Protection Regulation (“GDPR”), the PIPEDA emphasizes the need for organizations to effectively and clearly convey their personal information management practices to consumers. As such, Privacy Policies must be consistent with PIPEDA’s fair information principle for “openness,” allowing Canadians to be fully informed in making sound decisions regarding the collection and disclosure of their personal information.