The Importance Of Privacy Policies
When starting a new online business, you are much more likely to focus on building relationships with vendors and hiring employees than creating a privacy policy. “Nobody ever reads them anyway,” you might think. In reality, however, privacy policies can be extremely important, from both a legal and customer trust perspective.
Why are privacy policies important?
Depending on the industry you operate in, you may be legally obligated to have a privacy policy listed on your website (and potentially offline as well). Financial institutions, medical practitioners, and other businesses which deal with sensitive data are usually obligated to spell out the processes they follow when handling customer information. An experienced business attorney will be able to explain your specific obligations under the law.
Of course, even if you are not in one of the industries which mandate privacy policies, you may still benefit from creating one. By being open, honest, and transparent about your data policies, you are likely to build a reputation as a trustworthy organization among your customers. As you build trust with your customers, they are likely to continue returning to your business time after time.
What are the risks of not having a privacy policy in place?
If your company is legally obligated to have a privacy policy, but you fail to create one, you are likely to receive some form of legal punishment. The nature of the punishment will depend on a variety of different factors, but fines and the suspension of business licenses are not uncommon. Your business attorney can walk you through your specific risks and potential punishments.
In unregulated industries, there are still some risks to not having a privacy policy. Most notably, the absence of any information about your handling of consumer data may lead to people wondering if you are being deliberately shady or trying to hide something. A poor reputation such as this can be tough for a small business to recover from.
Upcoming Changes to California Privacy Law
In an effort to better protect consumers from data misuse, the state of California recently passed the California Consumer Privacy Act (CCPA). This law goes into effect on January 1st, 2020 and will impact companies who conduct business in California or collect data on residents of the state and meet one of the following three criteria:
- Have annual gross revenues of more than $25 million.
- Derive more than 50 percent of their revenue from selling consumer data.
- Buy, sell, or share the personal information of more than 50,000 people each year.
The CCPA will require businesses which fit this description to provide consumers with information about the data they store, who they sell it to, the purpose of collecting it, and much more. Companies in violation of the law can be fined up to $2,500 per instance.
Semanchik Law Group
As a business attorney in San Diego, Nikki Semanchik has helped hundreds of local business draft privacy policies that are fully compliant with applicable regulations. If you need help creating a data handling policy for your organization or have questions about the upcoming changes to California law, please do not hesitate to get in touch. You can call (619) 535-1811 to set up a consultation.
