
NoNonsenseCookies.info

Friday 19th October 2018

What Privacy Policy?


Privacy Policies have long been a requirement for any website gathering or storing personal information of any kind.

Under the Data Protection Act 1998, which replaced the previous Data Protection Act 1984 in order to comply with the EU Data Protection Directive of 1995, websites are required to adhere to the following 8 principles:

  1. Personal data shall be processed fairly and lawfully.
  2. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
  3. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
  4. Personal data shall be accurate and, where necessary, kept up to date.
  5. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
  6. About the rights of individuals, e.g. you have the right to have data about you removed.
  7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
  8. Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

The majority of responsible websites comply with these regulations in the form of a Privacy Policy page on their website (although on some websites, finding it can take a bit of digging around!).

What if I don't have a Privacy Policy?

If you collect personal data (no matter how small) you really MUST create one. There are a number of free templates available, so take a look around. You should have a policy that is suited to your business model, but starting with a template and then modifying it to fit your needs is the easiest way to go. Take a look at our Privacy Policy as a starter if you like.

Direct (email) Marketing

If you use contact information (gathered from your website, or elsewhere) to send out promotional emails, there are further regulations which you need to comply with. The most important of these is to allow an 'Opt Out' for anyone on your mailing list. This can be as simple as a link at the bottom of any emails you send out, or a checkbox on your website forms. Either way, you MUST provide this option or face possible prosecution for non-compliance.

The above notes are for guidance only. For further information, please visit the Information Commissioner's Office.

If, after having read all the previous pages, you are thinking to yourself "This all sounds like too much work to me, is it really worth it?", then please take a look at the next section, "Why should I bother", before making your mind up.