Last updated on 04 October 2022 by Sara Pegarella (Law school graduate, B.A. in English/Writing. In-house writer at TermsFeed)
In the U.S., the California Online Privacy Protection Act (CalOPPA) dictates that if you collect any personal information from any California-based users, such as email addresses, GPS location, phone numbers, or mailing addresses, you are required to have a legal statement available for users to review that discloses the privacy practices of your business.
Due to the wide-reaching nature of internet and technology, the CalOPPA Act in effect means that if you collect any kind of personal information, even if it's only an email address, you should have that legal statement as required by CalOPPA in place because California residents are likely to be using your websites or apps.
Canada, Australia or Europe aren't different in this regard.
For example, the EU Directive is not limited to EU countries only, but works on a global level as it affects any business that collects personal information from any user in the EU or transfers personal information to or from an EU country.
While there are a number of other laws put in place in other countries, such as the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and the Privacy Act of 1988 in Australia, CalOPPA and the EU Directive are far-reaching and influential laws that sum up global requirements in privacy matters, especially for online businesses.
Google AdWords can be used as a very effective remarketing tool. But remarketing campaigns are using cookies to track users' activity online and show customized advertisements.
The Data Use Policy of Twitter states that:
Twitter requires you to enter the URL for your legal statement in order to be able to sign up for the Lead Generation Card service:
Facebook does it too.
If your mobile app will be available on an app store, such as the Apple App Store or the Google Play Store for Android devices, you're most likely to be required to have this legal statement either by the law (if you collect personal data) and by the terms of the app stores' legal agreements (even if you don't collect personal data).
While the Google Play Store does not explicitly require that you have this kind of statement in place for your Android app, Google requires that "privacy procedures and notices [be] in place" when a developer or app distributor is signing up for a Google Play account.
If the users provide you with, or your Product accesses or uses, user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your Product, and you must provide a legally adequate privacy notice and protection for those users.
Use this legally required statement as a way to showcase how you handle a user's personal information and provide as much clear, accurate, and thorough information as possible to really make your users feel comfortable and informed.
It's short, sweet, and tells everything that needs to be told in just a few sentences:
Also, don't disregard common practices on how to make this kind of legal statement available to users.
Users look for links to Privacy Policies in the footer of a website. You should always include visible links to your legal agreements across all pages of your websites - even if that's a landing page - so users can review these agreements.
If you're developing a mobile app, most mobile apps can include a link to their Privacy Policies in an easily-accessible menu screen.
You can also be more active in informing users about your practice practices. To get users actively involved in acknowledging your legal agreements, consider having an "I agree" checkbox presented to your users when they first sign up for an account on your website or app.
This is an active way to let users know that you a legal agreement they need to agree to, but it can also have the benefit of putting users at ease when it comes to the security of their data when they first sign-up. It shows that you take their privacy seriously.
By following this type of active method, you'd be making sure that your users are bound by the legal agreements you've linked to since you'll be obtaining active consent from users: users must check the "I agree" checkbox before continuing.
Here an example of this from The Weather Channel. It lets users know that "by selecting" the checkbox, a user is agreeing to the linked legal agreements:
Even mobile apps can use the example of checkboxes by requiring a user to tap the checkbox.
Airbnb app requires a user to tap a checkbox and then tap the "Accept" button:
This article is not a substitute for professional legal advice. This article does not create an attorney-client relationship, nor is it a solicitation to offer legal advice.
04 October 2022