
Have you ever wondered whether you need a privacy policy on your site? Or a cookie notice? The short answer is: yes, you do. In this post I will tell you why you need it and what conditions it needs to meet, and I will share some thoughts on disclaimers too.
Why do you need a privacy policy?
If you run a WordPress website and you allow comments on your blog, you are storing personal information of your visitors, such as name and email address. The same goes for contact forms, which enable your visitors to send you emails — they enter personal information on those forms, and that information is stored in your WordPress dashboard. This is the primary reason why you need a privacy policy, and this is required by privacy laws worldwide.
You need a privacy policy, because you have to tell your visitors what you do with their personal information. Wouldn’t you want to know what others do with your personal information too?
Why do you need a cookie notice?
It is not only the information you ‘actively’ collect through comments and contact forms that falls under the privacy laws, but also the information you ‘inactively’ collect. Cookies can be described as the short-term memory of the Internet, as they ‘remember’ bits of information and are stored in the browser of your visitor. They help to make your web visits more personal.
Now, we can’t just go and add our own stuff to someone else’s computer, right? So we need to let them know we are doing it, and to give them the option to deny you access to their computer. For that you need a cookie notice.
What contents should be in your privacy policy?
The information you are obliged to put in your privacy policy is as follows:
- What information you collect from your visitors (note: if you have a webshop, you will obviously collect more information than only a name and an email address like you do when visitors comment on your blog);
- Tell your visitors how you obtain the information (i.e. comments and contact form);
- Share the reason you request this information (i.e. to be able to get in contact with them to answer any questions);
- Inform your visitors on how you store this information (i.e. in your WordPress dashboard);
- Share how you will protect the information (i.e. to never share their personal information with anyone else);
- Tell your visitors who else has access to your information (i.e. third party software for analytics or email newsletters).
What contents should be in your cookie notice?
There was a time when it was enough to just inform your visitors about the use of cookies, but this is no longer the case under the GDPR (General Data Protection Regulation). It is required that users should be given a real choice when it comes to consenting to cookies. This means:
- Your visitor should be able to freely give their consent, which means consent should not be obtained as a condition for continuing to use your site;
- Your visitor should be able to reverse their consent;
- By means of a cookie/privacy policy you tell your visitors what information you store, so they can make an informed decision regarding the storage of cookies.
Helpful plugins
In order to write a privacy policy, you can copy it from someone else’s site and then adapt it to your own website. You are welcome to copy the Blogable privacy policy or the one I have on my site, although you will see the two are very similar. Alternatively, you can use one of several plugins that have been created for this purpose.
As for a cookie notice, I formerly used the plugin EU Cookie Law, but this only allowed the user to click ‘Accept’. There was no way for the user to reject the storage of cookies. I changed over to GDPR Cookie Consent (CCPA Ready), which complies entirely with the GDPR, and is easy to use, and even easier after you have watched the video on the plugin page. This plugin also helps you to create a cookie policy, and you can also combine your privacy and cookie policy in one page.
Thoughts on disclaimers
The first question you might ask is: do you need a disclaimer on your site?
My answer will always be: yes, you do. Every blog, every website needs a disclaimer, no matter what, as it protects you from lawsuits, as you don’t want to be held responsible for anything that you might write or post on your blog.
If you post content that can be rated as 18+, you should add that to your disclaimer. If you talk about any health, legal, financial or any other professional issues, make sure you put in your disclaimer that this is not advice, but your personal observations. Do you share sponsored posts, articles you have taken money for? Mention that in your disclaimer.
Bottom line, mention anything in your disclaimer that you think might have the possibility of becoming a legal issue.
You can search for a plugin to help you with writing a disclaimer, or just copy the disclaimer from this site and adjust it to your own.
Conclusion
To get all of the above — cookie banner, privacy and cookie policy and a disclaimer — set up on your site is a lot of work, but once you have it in place, all you have to do is visit it once a year (like you should also do with your about page) and check whether all you have mentioned still applies. Update it, change the date at the bottom and voila! You are done for another year.
As always, if you have any questions, please don’t hesitate to get in contact with me.
Image from Pixabay
This is such useful information. And you make it easy to understand too. Sometimes these things seem like boring tasks but I know this is important and it is on my to-do list for next week for Sex Matters and 4thoughts..
May x