Often appearing as a pop-up, the Terms and Conditions of Use and Privacy Policy for a company’s website contains a significant amount of information pertinent to the use of said website. It is common for these agreements to require explicit approval before continuing to the website. Some websites, however, only require an implied approval (e.g., by using the website, you agree to the Terms and Conditions of Use and Privacy Policy). Thus, it is essential for any small business to understand the contents of their website’s Terms and Conditions and Privacy Policy because it can substantially impact the functionality and potential liability of a business operating online.
Collection and Use of Data
Depending on the services provided through the website, a business may want to collect more or less data from their users. Generally, this includes the customer’s name, number, email, physical address, and internet protocol (IP) address. This information is commonly used to contact or respond to client inquiries, or even identify who accessed the website and when. However, the more data collected from the users, the better gauge a business owner has on the utility of their website. Hence, analyzing data is an efficient and effective method to evaluate the performance of a company’s online presence.
Terms and Conditions
In short, the Terms and Conditions of a website provides its users with adequate notice. Depending on how much data the business requires, the notice usually contains a detailed description of what data is being collected, how it will be used, waives liability of the business using such data, informs the users where the data may be stored, and more. As explained further below, this notice may also require disclosures pursuant to state and federal law. Other provisions frequently observed in the Terms and Conditions are related to children’s privacy, security protocols, and other third parties that may use such information. Essentially, the objective of the Terms and Conditions is to be clear, succinct, and upfront as to how a business plans on using a customer’s personal data.
Privacy Policies and Applicable Laws
In some states, businesses operating a website may be required to provide disclosures to their users as mandated by state and federal law. For instance, California residents have a right to know their privacy rights, which includes being informed about what data is being collected, from what source(s) this data is being collected from, for what business use, and more. Although Florida recently passed legislation known as the “Florida Digital Bill of Rights,” which mimics Californian law, its application is limited to large businesses earning more than $1 billion in earnings. Therefore, the FDBR does not currently apply to smaller businesses, but it is likely that the law will be expanded to capture the remaining entities operating online in the near future.
Regardless of the above, Florida businesses must still comply with state laws—such as California, if those residents are active users—and federal laws, including HIPAA, the Family Educational Rights and Privacy Act, the Driver’s Privacy Protection Act of 1994, and the Digital Millennium Copyright Act, among others. Thus, it is important to evaluate the intended use of customer data and to inform the users of such use as a business operating online because doing so may implicate several state and federal requirements, which could subject a business to liability if not properly executed.
At Ser & Associates, we understand the importance of protecting your company’s data and the privacy of the patrons that use your company’s website. If we can assist you in drafting or amending your Terms and Conditions and Privacy Policies, please contact us at 305.222.7282 or [email protected]. Also, please be sure to visit us at www.Ser-Associates.com and follow us on Instagram, Facebook, and/or LinkedIn to learn more about how we can further assist you and your business!