Privacy Must-Haves

Posted in:

There are a couple of things every website should be doing regarding privacy, including yours.

Transcript

There are a couple of things that every website should be doing, including yours. It doesn’t matter what industry you’re in or what service you provide or what product you sell. Every single website should be doing these couple of things.

First is the privacy policy. You should have it up to date all the time, and there are a few ways you can go about it. There’s a service that I use that auto updates the policy. I tell them what I’m doing on the site and what kind of things that I need to have on there, and it will auto update as per the latest updates that are happening in my area and all of that. I find that to be the easiest and most legit way of doing that.

And it just basically tells people how you’re using information that you’re gathering on the site and how you intend to protect their privacy. It’s a little bit more involved than that, but that’s at the base level, what it is. And every website should be informing people what you’re doing, whether it’s filling out a contact form or whatever data you’re collecting on them.

They should know what happens when they submit stuff to you, and that data could be directly inputted, or it could be like searching on the site. Do you save their search history? Are they logging into your site to do something? Are you using any kind of other data about them, even if you just have a basic contact form?

So that’s number one. You can either go through a lawyer, you can use a service, but it definitely needs to be there, and it has to be linked on every single page. So put it in your footer.

The second one that’s arguably a little bit more detailed and harder to do is a cookie notice. You should have one or don’t have any cookies, which is incredibly hard to do, but you also need to have it done in the right way. Having a little pop up on your website that says, we use cookies, click okay, that doesn’t do anything. You might as well not have anything there. It’s kind of implied that you’re going to have some cookies, notifying people that you’re doing it is kind of, there’s no consent there when somebody comes to your site.

Only essential cookies should be turned on, which means only things that need to be there for your site to function. Everything else should be turned off by default, and they need to then opt in to those cookies. It’s incredibly hard nowadays to stop all of these big corporations from tracking us in everything that we do. So you need to allow people to opt in to allowing you to track some of their data.

There are also services out there, like alternatives to Google Analytics, that will do things a little bit more privately that you may not need to notify with cookies notice, but you definitely need one.

Have you heard about the Nifty Evaluator for WCAG Testing?