Lindsey Marshall on March 11, 2009
In our last blog about privacy policy creation we mentioned that in some cases a privacy policy is a legal requirement for a website. The following list mentions some of the cases where a privacy policy is required by law. This list is not comprehensive. If you have any questions about your own privacy policy requirements you should consult with a lawyer.
- If you are collecting personal information from any California residents, California state law requires you to post a privacy policy.
- If you process credit card transactions online, your credit card processor may require you to post a privacy policy as a part of your merchant agreement.
- If you display Google AdSense advertising on your website, Google requires you to “post and abide by a transparent privacy policy that users see” as a part of your publishers agreement.
- If your website is directed towards children or collects personal data from children under the age of 13, federal law requires a privacy policy that follows strict guidelines.
- If your website is a financial institution (and this includes retail stores that extend credit to their customers), federal law requires you to post a privacy policy.
- If you are a health care or plan provider, such as a doctor or pharmacy, federal law requires you to post a privacy policy.
Resources:
Gwinnett Business Journal – “Policing Your Privacy Policy”
Google AdSense privacy policy requirements
Children’s Online Privacy Protection Act of 1998
Gramm-Leach-Billey Financial Modernization Act of 1999
Health Insurance POrtability and Accountability Act of 1996 (HIPAA)
I searched on google and I had a hard time located the right info….until I found your blog.
I found your blog on google and read a few of your other posts. I just added you to my Google News Reader. Keep up the good work. Look forward to reading more from you in the future.
And if you are providing a portal to collect that information / directing the user to a site that will retain the information you submit ( as when you place a search in a search box , including the search tool on our websites)
I am not out to advertise on your pages,but I felt that it should be added that any site or a portal to where input information is retained should have a privacy policy and terms of use : the user must be given the oppertunity to be aware that their information is NOT staying in that one place or that that it will be retained, accessibly retained, on a server someplace.
Just surfed in, and have to say that his is a great post.
love the write up…i’m going to keep checking back in!