Widener University School of Law graduate, Managing Legal Editor at TermsFeed.
On this page
At Step 1, select the Website option or App option or both.
Answer some questions about your website or app.
Answer some questions about your business.
Reason 1: It's required by law if you collect personal information from users
In the U.S., the California Online Privacy Protection Act (CalOPPA) dictates that if you collect any personal information from any California-based users, such as email addresses, GPS location, phone numbers, or mailing addresses, you are required to have a legal statement available for users to review that discloses the privacy practices of your business.
Due to the wide-reaching nature of internet and technology, the CalOPPA Act in effect means that if you collect any kind of personal information, even if it's only an email address, you should have that legal statement as required by CalOPPA in place because California residents are likely to be using your websites or apps.
Canada, Australia or Europe aren't different in this regard.
For example, the EU Directive is not limited to EU countries only, but works on a global level as it affects any business that collects personal information from any user in the EU or transfers personal information to or from an EU country.
While there are a number of other laws put in place in other countries, such as the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and the Privacy Act of 1988 in Australia, CalOPPA and the EU Directive are far-reaching and influential laws that sum up global requirements in privacy matters, especially for online businesses.
Reason 2: It's required by third-party services you may use
Google AdWords can be used as a very effective remarketing tool. But remarketing campaigns are using cookies to track users' activity online and show customized advertisements.
- You use remarketing to advertise your product or service through Google AdWords' platform
- Google is showing your ads to users on websites that they visit after visiting your website, and
- How a user can opt out of this remarketing campaign
The Data Use Policy of Twitter states that:
Twitter requires you to enter the URL for your legal statement in order to be able to sign up for the Lead Generation Card service:
Facebook does it too.
If your mobile app will be available on an app store, such as the Apple App Store or the Google Play Store for Android devices, you're most likely to be required to have this legal statement either by the law (if you collect personal data) and by the terms of the app stores' legal agreements (even if you don't collect personal data).
While the Google Play Store does not explicitly require that you have this kind of statement in place for your Android app, Google requires that "privacy procedures and notices [be] in place" when a developer or app distributor is signing up for a Google Play account.
If the users provide you with, or your Product accesses or uses, user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your Product, and you must provide a legally adequate privacy notice and protection for those users.
Reason 3: Users are interested in their privacy
Use this legally required statement as a way to showcase how you handle a user's personal information and provide as much clear, accurate, and thorough information as possible to really make your users feel comfortable and informed.
Reason 4: It's ubiquitous
It's short, sweet, and tells everything that needs to be told in just a few sentences:
Also, don't disregard common practices on how to make this kind of legal statement available to users.
Users look for links to Privacy Policies in the footer of a website. You should always include visible links to your legal agreements across all pages of your websites - even if that's a landing page - so users can review these agreements.
If you're developing a mobile app, most mobile apps can include a link to their Privacy Policies in an easily-accessible menu screen.
You can also be more active in informing users about your practice practices. To get users actively involved in acknowledging your legal agreements, consider having an "I agree" checkbox presented to your users when they first sign up for an account on your website or app.
This is an active way to let users know that you a legal agreement they need to agree to, but it can also have the benefit of putting users at ease when it comes to the security of their data when they first sign-up. It shows that you take their privacy seriously.
By following this type of active method, you'd be making sure that your users are bound by the legal agreements you've linked to since you'll be obtaining active consent from users: users must check the "I agree" checkbox before continuing.
Here an example of this from The Weather Channel. It lets users know that "by selecting" the checkbox, a user is agreeing to the linked legal agreements:
Even mobile apps can use the example of checkboxes by requiring a user to tap the checkbox.
Airbnb app requires a user to tap a checkbox and then tap the "Accept" button:
- It's required by law if you collect personal information
- It's required by third-party services
- Users are intersted in their privacy
- It's ubiquitous