Last updated on 24 August 2022 by Jaclyn Kilani (Legal writer at TermsFeed)
To circumvent loopholes like these, regulations were put into place to ensure that consumers had easy access to Privacy Policies that concern personal data.
These are two of the pertinent regulations that apply to most online businesses:
GDPR - Europe's General Data Protection Regulation can be enforced on any company that collects personal information from European residents. The GDPR states the following regarding Privacy Policies:
Beyond these specific requirements, regulations like the GDPR and Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) also require that consumers be informed of how their information is used when they give consent for data processing.
In other words, when users send their personal data to your business and consent for the data to be processed on their behalf, they must be well-informed of how that data will be used at the time of consent.
Not only are practices like these required by privacy laws, they are good methods to establish open, transparent relationships with customers from the first moment of contact.
This is acceptable and considered to be "clear and conspicuous" enough.
Here's a standard example of this type of navigation from Upwork:
Here's another example of this type of linking on the National Review website:
From the second an individual sends you their personal information, your business is technically processing their data. It is a good idea to let them know how that data will be handled from the start.
A signup form marks the beginning of a business relationship. Since you will be using this customer's personal data to communicate with them, provide services, and potentially advertise to them, it is imperative that the consumer understands how their personal data will be used when they sign up.
And here's how QVC does it:
Especially if your business uses consumer data to serve personalized advertising, you may want to incorporate a consent checkbox into the signup form.
Check out this example from Canvas:
Here's another example of how this can be done from HostGator:
Here's the Apple App Store listing:
And here's the Google Play Store listing:
Incorporating prominent links to the Privacy Notice makes sure the user understands that by clicking the "Create Account" button, they are agreeing to the Privacy Notice.
PayPal goes one step further than this and obtains a more specific, unambiguous record of consent by implementing a consent checkbox within the registration form:
Checkout forms within mobile apps often collect the same types of information as any other shopping cart interface, such as addresses and credit card numbers. Customers and law enforcement alike are especially concerned about the way personal data like this is handled.
In mobile apps:
This article is not a substitute for professional legal advice. This article does not create an attorney-client relationship, nor is it a solicitation to offer legal advice.
24 August 2022