1. It's the law!
  • In order to demonstrate compliance with the ePrivacy Directive, GDPR and the Data Protection Act 2018 every website must have a clear and concise privacy policy. This will remain law after Brexit too as GDPR will still apply within the UK.
  • Even if you are a small business, don't think that the ICO won't take action. The ICO are now enforcing against small businesses, not just large corporations.
  1. To give customers/users confidence in how their data is used.
  • When customers/users access your site, you are collecting their personal data. Your privacy policy should detail how this data is collected, processed, stored and transferred, as well as informing the data subject of their rights. However, if the site does not have a privacy policy the user may lose confidence and may decide to shop elsewhere in order to keep their personal data secure.
  1. To make sure everyone is able to understand the policy.
  • As mentioned above, privacy policies must be clear and concise. This means that it should contain jargon-free language with no tech jargon or legalese so everyone understands, including those reading in a second or third language.
  • Using tech jargon or legalese will over complicate the policy causing users to become confused and again lose confidence.
  1. To reassure customers.
  • Some customers to your site may be spending a large amount of money or may be buying highly regulated products. If the customer is not able to view a privacy policy when visiting the site, they may start to wonder what else is missing from the business or what corners may have been cut. Having a privacy policy present on the site reassures customers that everything is done correctly and encourages them to continue providing their custom.
  1. To reassure your suppliers and partners/investors.
  • Suppliers may have similar thoughts to customers if a privacy policy is not present on your site. They may give it a second thought before entering into a contract with you.
  • Similarly, partners/investors may not want to engage in business with you due to lack of confidence when it comes to complying with regulatory requirements. If regulatory requirements are not complied with, what else could the business be missing?

For the avoidance of doubt all five of our points above apply if you are doing business through a website or App.

Digital Law has been advising clients around the world on how to structure their website terms, privacy, cookies and corporate compliance online. From Leeds to London, Sheffield to Sydney and Newcastle to New York we have been helping businesses when it comes to doing business online to access new markets in the UK, Europe or elsewhere, be it selling goods or services, running a one-off promotion or competition.

Our experts have spoken at Conferences and events around the world and all we do is advise on Digital, Data and Cyber legal issues.

Originally published 5 February 2020

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.