Here are some examples of how your site may be collecting information on your visitors’:
- If you’re (very sensibly) monitoring activity on your site. This kind of thing is done with a tool such as Google Analytics and is a great way to inform improvements to your site
- If you have a contact form on your site. What do you do with the information your visitors send you? Their names, email addresses, phone numbers are being entrusted to you, and the message they’re sending you may be confidential
- Do you have a mailing list sign up on your site? If so, you need to tell your signer-uppers what you’ll be doing with their details
- If you have a login area on your website. Your site needs to remember the visitor is logged in from one page to the next and this is done by setting a ‘cookie’ in their browser
- If you take payments on your site you need to tell your customers what you’ll be doing with their personal details as well as how you’ll be storing their credit card information.
- Social media ‘follow’ buttons, adverts and other third party widgets will track your visitors, and is something they should be made aware of
Collecting visitor info is normal
The list above is pretty standard. There’s nothing sinister going on and the overwhelming majority of websites will be doing at least one of those things, if not a few.
A few years ago there was a bit of a hoo-ha surrounding cookies on the web. A cookie is a snippet of code that a website sets in your web browser. Let’s use the members’ area login example from earlier:
- A member logs in on your site
- Your site sets a cookie in their browser that says ‘this person is logged in’
- When they navigate around the members’ area, it uses this cookie to keep them logged in
- If they log out the cookie will be amended so they can’t see the members-only pages any more
Useful stuff! Similarly, when someone visits your site, it’s likely that a cookie is set that tracks which pages they’re looking at, how long they’re on each page, etc.
Of course, cookies can be used to more intrusive ends, which is why the law was passed. But the law was rather heavy-handed… Here’s a great video that summarises things nicely:
And here’s the accompanying website.
It seems we’re legally required to get permission from our visitors to track their information.
So do I need a pop up?
A difficult question… Strictly speaking: yes. But it’s more complicated than that.
Pop-ups are a horrible thing to inflict on users, and Google have recently blogged that they will penalise sites with pop ups.
You could write your own policy. Or find someone else’s and amend it, but that all sounds like a lot of work. A quick web search will present you with a number of online tools that will generate a policy for you. All you have to do is fill out a questionnaire.
I’ve tried a few tools over the years and one of the best I’ve found is at PrivacyPolicies.com. There’s a small one-off fee if your website is for commercial use (and if it’s your business’s website, it’s commercial) but it’s well worth it for the effort it will save you.