This webpage contains affiliate links which may earn commissions for purchases made at no additional cost to you.
Disclaimer: This is not legal advice. To ensure that you and your website are compliant, please consult an attorney.
Consumers’ right to privacy and giving permission to companies to collect data on their sites is an important topic, and it can often be muddy and confusing. Our last article on this topic was written in 2021, giving an overview of GDPR compliance for SquareSpace. It may as well have been written a decade ago given the amount of change that has happened! To the benefit of individuals, privacy laws continue to form and evolve all over the world. There are states in the US that have instituted new laws regarding the collection of personal data and information like California, Colorado, Connecticut, Utah, and Virginia, and many other states have this legislation in the works. Privacy laws have evolved outside the US in countries like Australia, New Zealand and South Africa, in addition to the precedent laws in the EU and UK with GDPR.
What do these laws do?
In short, these laws exist to protect individual’s privacy and personal data, and how it is collected, used, and processed. They require businesses and organizations to offer their website or app users the ability to choose what information and choices are shared, and how much or how little they want to be tracked and stored for analytics, data, and ads (to name a few). They also gives the user the ability to request what information about them is being collected and to request it being deleted by the business or website. If a business is found to not be compliant, it can face legal repercussions such as fines.
How does this apply to my business?
The impact of these laws to your business depends on the type of information you are collecting or plan to collect about website visitors.
- Do you have a contact form on your site?
- Do you offer a freebie/lead magnet with an email sign-up?
- Does you collect addresses or phone numbers for your users?
Name, addresses, phone numbers and email address are considered personal information.
- Do you have YouTube videos embedded on your website?
- Do you have Google Analytics to track user behavior?
- Do you have a Meta Pixel for Facebook Ads?
These can track your users’ data for analytics and personalized ads. These are all examples of personal data and private information.
How does this affect my analytics data?
Do you use analytics platforms such as Google Analytics, VWO, or Hotjar to track user behavior on your website?
As a web design and conversion rate optimization company, analytics is integral to what we do because it allows us to understand how website visitors access and engage with the content on a website. Without website analytics, a business is unable to understand how well the website is performing against its digital objectives.
This is why we try to stay up-to-date on the ever-evolving landscape of laws impacting how analytics data can be tracked. In 2022, a few countries in the EU ruled that Google Analytics breached GDPR due to how and where Google was storing the analytics data of EU citizens. For several months, no one really knew in which scenarios it wasn’t legal to have Google Analytics on a website that collected data about EU citizens. In July 2023, the European Commission adopted the EU-.U.S Data Privacy Framework, which provides protection for personal data of EU citizens that is transferred to US companies.
This is just an example of how analytics platforms have been impacted with changing laws, but it underlies the importance of working with a trusted partner that can help advise you and your website so that it can stay as compliant as possible.
How do I make sure my business is compliant?
First of all, we are not experts in privacy law. We definitely recommend reviewing this topic with a lawyer, who can assist with your specific business needs and provide guidance.
In the US, each individual state has their own privacy laws with varying levels of protection. Currently, there is no US federal data privacy law. It is up to the business owner to keep up with new or updated state laws and legal threshold for their business or international laws if serving clients or customers outside the US.
This can be a lot to keep up with, so we suggest using a resource to ensure that you and your business stay up-to-date and compliant as laws evolve. There are many online resources for creating privacy policies, terms & conditions, and cookie policies for your website.
Termaggedon is an online platform that helps you generate customized policies for your website after you answer their questions. They help to keep your policies up-to-date as laws change and provide a cookie consent modal for your website.
Termly is another popular policy generator with cookie consent options. CookiePro is an online platform that helps you generate customized cookie policies and cookie consent modals with advanced features such as geo-targeting.
We recently implemented CookiePro on a client’s website that is based in the UK and has customers in the US. If someone visits their website from the US, they are notified of the cookies that are being used but aren’t required to provide consent before the cookies are used. If someone visits from the UK or EU, they are required to provide consent before any cookies are used.
Conclusion
Data privacy law compliance is essential for businesses in order to protect their customers’ sensitive information. Not only is it a legal requirement, but it also builds customer trust and loyalty. Navigating these legals waters can be muddy, for us non-attorney people. There are resources and experts to stay updated on current privacy laws and regulations, and prioritize data privacy as a fundamental aspect of business operations. By doing so, businesses can not only protect their customers but also operate ethically and preserve their reputation.
Interested in discussing how to implement privacy protection features on your website? Feel free to hop on our calendar and schedule a low-key discovery call (aka coffee chat) so we can talk about your ideas for your website and how we could partner together.
