The Risks of Not Having a Privacy Policy

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

You may have noticed a flurry of “we have updated our Privacy Policy” emails lately. You may have also noticed that you are often required to agree to a Privacy Policy when creating an account with a service or even submitting your information on a contact form. In truth, you are very likely to encounter a Privacy Policy on most websites. If you are the owner of a small business, you may be asking yourself whether your website needs a Privacy Policy too. In this post, we will discuss what a Privacy Policy is, why your website needs one and the risks of not having one so that you can make an informed decision and protect yourself. 

What is a Privacy Policy? 

A Privacy Policy is a document that explains the data collection, usage, and sharing practices of a particular website. A Privacy Policy will usually disclose what personal information you collect, what you do with that personal information, and who you share it with. Additional disclosures are often included in the Privacy Policy to comply with certain privacy laws. In this case, personal information means any information that can be used to identify an individual. Examples of personal information can be name, email and phone number. 

Risk 1: non-compliance, fines and lawsuits

The first risk of not having a Privacy Policy is violating privacy laws and being fined for non-compliance. The collection, use and disclosure of personal information online is governed by the following privacy laws: 

  1. European Union’s General Data Protection Regulation (GDPR); 
  2. California Online Privacy Protection Act of 2003 (CalOPPA); 
  3. California Consumer Privacy Act (CCPA); 
  4. Nevada Revised Statutes Chapter 603A. 

If you are not located in the European Union, California, or Nevada, that does not mean that you are in the clear. One of the defining features of these privacy laws is that they protect the consumers of those areas, not the businesses. This means that companies located outside of those areas will need to comply. For example, CalOPPA applies to operators of websites that collect the personal information of Californians. If it is possible that someone from California submits a contact form on your website, you need to have a compliant Privacy Policy. 

If you need to comply with these laws, not having a Privacy Policy on your website can lead to large fines. Most privacy laws impose fines of $2,500 to $7,500 per violation. “Per violation” does not mean $2,500 for not having a Privacy Policy, it means per website visitor. You can probably see how this could add up to an astronomical fine, even if you only have a few hundred visitors to your website per month. 

Risk 2: being unprepared for future privacy laws

Fortunately for some and unfortunately for others, privacy is a constantly changing and evolving field. Consumers are more and more interested in the privacy of their personal information and legislators are eager to satisfy that interest. Currently, eleven states have proposed their own privacy bills that would protect consumers and regulate the collection, use and disclosure of personal information on websites. 

States requiring a privacy policy and more.

Note that all of the proposed bills would apply to businesses outside of those states and would require the to have a Privacy Policy that makes very specific disclosures. If you do not have a Privacy Policy now, you will be even more behind on compliance preparations if any of the bills above become law. 

Risk 3: losing the trust of your customers

In a study conducted by IBM, 89% of consumers said that companies should be more clear about how their products use data. Furthermore, 81% of consumers said that in the past year, they have become more concerned with how companies use their data.  While we can all rightfully blame Facebook and Cambridge Analytica for this new-found concern, the truth is that consumers feel this way about all data collection by all companies. Consumers want to see their privacy rights being respected. Failing to assuage these fears by not having a Privacy Policy leads to a loss of trust. We are all consumers so ask yourself: if you could choose between a company that respects your rights and one who does not, which one would you choose? Don’t make your customers choose your competitor over a Privacy Policy – get one and put this concern to rest. 

Risk 4: sales cycle delays

Cisco performed a study that found that 65% of businesses experienced delays in their sales cycles due to privacy concerns. The average delay of the sales cycle was 7.8 weeks. Furthermore, privacy maturity correlated with the likelihood and costs of data breaches. By not having a Privacy Policy, you risk a delay in closing deals and making sales, which no small business wants.

It is clear that not having a Privacy Policy can open you up to a multitude of risks, from fines and lawsuits to losing trust and sales. We hope that you look into Termageddon, which is a Privacy Policy generator that automatically updates your policy whenever the laws change, so that you don’t have to take these risks and worry about privacy compliance.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore


The Importance of Having a Follow Up System

If you’re looking to grow and expand a business, you always need to generate leads and customers. Running a marketing campaign and rolling ads online


WordPress and Why You Should Be Using It

Many company and personal websites range from the very simple one-pager to full blown communities. Of those websites, over 30% of them are powered by

Do You Want To Boost Your Business?

drop us a line and keep in touch