If you’re anything like I was when I created my first website, you might be asking yourself: Do I really need a privacy policy for my website?
Well… If you’re starting any kind of company today (yep, even a yoga business), the answer is likely “yes, you really do”.
Before we dive in deeper, let me just quickly state this little legal disclaimer:
Nothing in this article should be taken as legal advice. I advise that you consult with your own attorney to ensure you comply with your local law.
Now that’s out of the way, let’s talk more about why you need a privacy policy.
Starting your yoga business can be overwhelming. There are so many moving parts to manage all at once, and it’s easy for your privacy policy to get overlooked (or completely forgotten) in the shuffle.
But with the new EU GDPR law and more international privacy regulations cropping up, skipping out on a privacy policy is just asking for trouble.
Here’s the deal: if you’re in the European Union, you are required to have a privacy policy to comply with the new GDPR privacy laws. And if you’re from the US, California law requires you to disclose certain information. There are probably many more laws in other countries that I’m not aware off. In any case, get a privacy policy or you could face hefty fines.
What exactly is a privacy policy?
Basically, your privacy policy lets your visitors know what type of data you’re collecting, and what you’re doing with that data. It should provide information about how you’re collecting data, your policy for storing customer data and where the data is being stored.
Your privacy policy may also include information on who has access to your customer’s data. This can mean giving customers the right to request access to their data if they want and provide them with a contact info if they have any question about the privacy policy.
Finally, privacy policies often include the security policy you use to protect the data you’re collecting. This usually means an outline of the security measures taken to safeguard customer data by you, or the vendors you use.
Ultimately, your privacy policy provides a safeguard for both you and your visitors. If you’re collecting data from visitors, you should tell them what you’re doing, how you’re doing it, and how it’s being safeguarded. It’s all about transparency.
What do I need to put in my privacy policy?
Here’s what you should include in your privacy policy:
- Your relevant contact information.
- What information you collect and the basis for collecting it (for example when you collect email addresses so people can sign up to your newsletter)
- What you do with the data (including who else gets access).
- The visitors’ rights under the GDPR.
- This doesn’t really help you, right? Here’s what you can do to write your privacy policy.
It’s up to you to determine what kind of privacy policy your business needs, and you should consult with a legal professional.
You can look up other great websites and copy their privacy policy, or, and that’s what I did, pay for a package from a lawyer. Yes, you need to spend some bucks, but it’s still cheaper than paying a lawyer to draft your policy for you.
I bought a GDPR package from Suzanne Dibble, a UK based lawyer. It included a template for a privacy policy and lots more, like a cookie policy, email templates and checklists. Not cheap, but worth it.
Finally, there are privacy policy generators that often offer basic privacy policies for free (google privacy policy generator).
Again, I emphasize that you should consult with an attorney on what type of policy is best for your needs.
Where do you put your privacy policy?
You should create a standalone page on your website that includes the policy.
Put links to that page in your footer navigation on your website and on any other opt-in pages, sales pages, webinar registration pages, etc.
Under the new GDPR regulations, you should also put a link to your privacy policy anywhere that you ask for consent or collect data as well, so any sign up forms.
And that’s it. Let me know, do you already have a privacy policy? How did you set it up?