You might be wondering what type of data is considered personal information. Here are examples of what type of personal information you might be collecting on your website:
- Email address
- Phone number
- Credit card number
- Date of birth
- Location (IP addresses and geolocation)
So, if you have a website and someone visits it and interacts with it, it means that you are collecting their personal data, which can be used to identify them and thus should be protected.
Even if your business is not located in a country where the laws are in place to regulate the collection of personal data, but you have people from that country visiting and using your website, your business should comply with the law of that country.
The United States doesn’t have strict privacy protection laws in place at the federal level. However, the FTC (Federal Trade Commission) has policies in place that help protect people’s personal data and ensure that websites are operating fairly and are not selling people’s information or leaving it unprotected for hackers.
Europe has one of the strictest privacy protection laws in the world. General Data Protection Regulation (GDPR) that went into effect in 2018 outlines information (Articles 12, 13, and 14) on how businesses should handle personal data collected online.
As you can see, no matter where your business is based and operates, chances are that you’ll get visitors from all around the world, and you should be aware of the data collection laws and regulations so you can comply with them and avoid getting fined.
What are cookies?
Cookies are small files hosted on the user’s computer designed to hold specific data connected to a particular website. For example, when you create an account online and choose to save your username and password so you can automatically log in the next time, this information is stored in a cookie.
Using cookies helps streamline visitors’ browsing experience and helps website owners track certain metrics like how many visitors are on their website.
You can see your cookies anytime in your browsers, you can delete them, and all websites are required to ask if you’re OK with cookies being used, which you can always decline.
T&C agreement should inform the consumer of what they’ll be required to do once they subscribe to or purchase your service. It is not required by law. However, it’s useful to have to protect your business from any liability or complaints.
A good example is Google:
As you can see, it’s visible at the bottom of their page and separated from the Terms and Conditions.
Shopify also has theirs positioned clearly at the bottom of the homepage:
Create one yourself
- Who is collecting the data – your business name, address, location, and contact information.
- For what purpose is the information collected?
- What personal information is collected?
- How is it collected?
- With who the collected information will be shared? And why?
- How can users complain if there is a need in any case?
Hire someone to do it for you
Use template generator
However, you want to ensure that you’re using a reputable template generator that complies with the different laws and has up-to-date information.