Key Takeaways: January 2022 Webinar
Cookie Monsters:
Key Takeaways from Get to Know Your Website’s Fine Print
As sure as the seasons change, the time will come to update or revamp your company's website. It's also a good time to evaluate your site's privacy policy and terms and conditions. At our January event, web compliance experts provided insight on legal and web development factors to consider. Here are some of the key points they shared.
Scot Ganow and Zenus Franklin of Taft Stettinius & Hollister, LLP, described the data protection and privacy requirements of the General Data Protection Regulation (GDPR) established by the European Union and similar requirements such as the California Consumer Privacy Act (CCPA). It's important to understand that regardless of the origin of the regulations, they can all potentially impact your organization's use of information that can identify an individual customer, employee, and others.
One of the major principles for using personal data is transparency with a privacy policy that is available to the public and explains what data you collect, how it's collected, and how it's used. That policy needs to be concise, use clear and plain language, be free of change and in writing (or other accessible means), and be accurate.
Mark Miller and Ryan Whetstone of US Digital Partners then ran through five steps to address legal requirements when developing the website:
- Follow the requirements of any add-on or plug-in tools/software, including buttons to accept cookies. Also allow the user to choose to accept cookies again when they revisit the site or whenever you update the policies.
- Follow the add-on and plug-in styling requirements on how popups appear on the screen to share the privacy policy.
- Understand where data is stored and document it, recognizing that data can be stored in multiple locations.
- For users to request removal of information, have one point of contact who knows where the data exists and who has responsibility to remove it.
- Ensure that the privacy and cookie policies are clearly defined.
Our presenters emphasized that in addition to avoiding legal threats, complying with privacy regulations is good for business. Customers now have much greater expectations that their information will be protected.