AdoGreen Recruitment Logo

Privacy Policy

What is a Privacy Policy and why do I need one for my website?

One of the most important things when you are in a business and have a website, that should not be neglected is the legal side of things. In this article, we are going to provide all the information necessary to completely understand Privacy Policies.

It is important to understand that websites usually use cookies that store visitors' information, and because of this, displaying the privacy policy is of utmost importance. Since everything online is exposed to cyber attacks and information theft, make sure to check the privacy laws and legal requirements, as they are quite rigorous if you fail to comply. Let's slow things down and work our way gradually. There is a lot of ground to cover and every single piece of information found here deserves your undivided attention.


What is a privacy policy?

Privacy is considered as one of the fundamental human rights by the Constitution of South Africa. The government has passed legislation to protect individuals from their personal information being collected, distributed and used for numerous purposes without their knowledge in the form of the Protection of Personal Information Act 4 of 2013 which will soon come into effect.

Unlike other legal documents that people and companies display on their websites, the privacy policy is the only one that is required by law.

The definition of a privacy policy is easy to understand: "A privacy policy is a form of agreement. It is required by law if you use and/or collect any website (application user) personal information. The single purpose of this agreement is to inform website visitors about your personal information/ data collection and sharing practices."

Simply put, it is a document that describes in detail what personal information your website collects from its visitors along with how you store it and use it.

The following are examples of personal information which can be collected from websites:

  • Visitor's IP address
  • Full name, name or surname
  • Email address
  • Birthdate
  • Postal Address
  • Any other information that can be used to identify the individual visiting your website

Why you need a privacy policy

There are several compelling reasons why website owners need it, and here are some of them:

  • In many cases, you will be required to display it by law. As we have stated above, privacy is a fundamental human right, and South Africa has laws in place that require you to display it if you live in South Africa or you collect and use any information about our citizens.
  • There are also third-party services that may put you in a position to have to display the privacy policy because they collect and use website visitors' personal information.
  • You will make it easier for your customers to establish a strong connection with your brand. By displaying the privacy policy, you will make your intentions regarding personal information collection, storing, and sharing quite clear. By being deceitful, you not only risk losing all the credibility you have built over the years with website visitors but also facing charges for your illegal activities.

In any case, you can't go wrong with displaying a privacy policy on your website. In case you didn't need it in the first place, there won't be any harm done to you or the website visitors.


Privacy policy law requirements

As we have previously stated, displaying privacy policy agreements is mandatory by law under the Protection of Personal Information Act 4 of 2013, unlike displaying the terms and conditions. This is simply because the collected information can be used to identify an individual who has visited the website. Let's take a closer look at some privacy laws.


What to include in the privacy policy?

Please note that we are going to talk about what to include in the privacy policy in general. You must consult the applicable laws and policies of your country, and countries of your website visitors in order to cover all legal grounds. Or a much better alternative is to create a privacy policy by contacting ADOGREEN LEGAL today.

It is important to note that the privacy policy agreement has two purposes. One is to protect your business, while the other is to inform website visitors. This is why you have to be as pragmatic as you can when writing it. Besides being short and concise, refrain from using complex legalese and jargon when you are writing it.


Type of information collected

It's not enough for you to state that "personal information will be used" - you need to elaborate on this term because it's relative. Therefore, go into the tiniest details when it comes to the information you plan on using, whether that will be only the name, or the name and age, the email address, the state where they live in, and whether you want to access their social platform accounts in order to reach other preferences.


The purpose of information collection

In order to gather as many "yes, I agree", it's necessary to explain the purpose of your which to access personal information. Most websites explain their need for this type of information by stating that it's for the purposes of increasing the overall satisfaction of their clients, customers, or followers. However, you do need to be very specific about your intention and especially so if they exceed the usual expectations.


How you collect information

In order to remove the unfamiliar and shed some light on your privacy policy, you should also state the means you're using in order to gather their personal information. By including this segment, you will enable those particularly suspicious visitors to do some additional research and check whether your method is reliable or not.


How you protect information

What happens on your website should stay on your website. All the information you gather from visitors needs to stay in the circle of your company or partners who have the authority to use it, which of course needs to be stated in your privacy policy. If you want for your target audience to be trustworthy and allow you to use their personal information, you need to make them feel safe.


The option to deny information collection

Although your primary goal is to have as many regular visitors as possible, you still need to allow your target audience to decide whether or not they find your document acceptable. Some business simply restrict access in total if a visitor doesn't want to accept the terms, others make just a part of their content visible, while some just offer it as a proposal. It's up to you to make this decision individually and it needs to be in accordance with your long-term goals.

Since many website owners use some kind of advertising network to further monetize their online presence, here are a few things you need to inform your visitors about when you use Google AdSense.

  • Cookies are going to store information about your prior visits to this website and Google is going to use the cookies to serve ads based on this information.
  • Google also uses the DoubleClick cookies that store not only user information about prior visits to your website, but to other websites as well.
  • You (a website user) can disable this DoubleClick cookie by accessing the settings panel of Google AdSense.
  • If you are using any other advertising networks, make sure to provide a link to those too.
  • Inform users about interest-based advertising, how it works, and what they can do to disable it. Provide additional information by placing links to external websites.

Where to display a privacy policy?

If you have terms and conditions agreement on the website and it references the privacy policy, it is not enough. You are required by law to have the privacy policy as a separate agreement and put on display on your website. One of the reasons behind this is because it makes it easier for website visitors to notice and also understand that there are several different legal agreements.

If you take a look at the websites of major companies you can see that most of them have common privacy policy displaying practices. You can usually find the link to this legal agreement in the footer of a website, on each and every page.

Another common practice is to place a link to the privacy policy agreement on any form where you require a website visitor to enter personal information. It can be placed in line with the email field or as separate notification field contained in the form.


How to enforce a privacy policy?

To be able to enforce a privacy policy, you need to ensure the following:

  • Website visitors can find privacy policy easily.
  • You have provided contact information if visitors have any questions regarding the privacy policy.
  • Visitors are given notice about the privacy policy they need to agree to.
  • You give visitors notice about privacy policy updates, along with a link to previous versions of the agreement (email, private message on the website, popup window).

The enforceability of this agreement can be implemented by using either browse-wrap or clickwrap. A browse-wrap would be the first two examples in the previous section of the article, while the clickwrap method can be seen in the last example of the last section.

It is important to understand that the enforceability of these two methods is different. This is why many websites use both of these methods to properly inform the visitors about their privacy policy.

There are some best practices to follow in order to increase the enforceability of the privacy policy for either of the methods.


Conclusion

Having and displaying a privacy policy on a business website is mandatory by law. It is a unique way to inform your visitors about your information collection, storing, and distribution practices. This legal agreement has the legal power and will be used in the court of law if your business is facing serious charges regarding any of the information privacy law violations. This is why writing and enforcing it deserves your undivided attention.