Why You Should Have a Privacy Policy Even If No Contact Form

Since the new CCPA law went into effect, I’ve had a few requests to remove contact forms from websites. You do not need a Privacy Policy if you’re not collecting ANY personally identifiable information. However, data collection and privacy has become a BIG issue. People – including legal authorities – will expect to see a Privacy link in the footer of the website.

Many people visiting your website may not understand that the policy is not a legal requirement if you’re not collecting personal information.

Even if you get rid of your contact form from your website and/or Google Analytics in order to avoid the need for the policy, you should STILL have a Privacy Policy Page with a very simple statement that you do not collect, share, rent, or sell personal information.

An example of a Privacy Policy Page when you’re not collecting ANY personally identifiable information:

This website (nameofyourwebsite.com) does not collect or transmit any Personally Identifiable Information (PII) about you, such as your name, address, phone number, email address, banking information, etc.

You might also want to include other brief notices about DNT, Cookies, and links to your social media sites, such as:

DO NOT TRACK SIGNALS
Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. Most modern browsers provide this option. We do not support Do Not Track (“DNT”). You can enable or disable DNT by visiting the Preferences or Settings page of your web browser.

COOKIES
Most web browsers automatically accept Cookies. Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse Cookies before visiting websites, with the drawback that certain features of our website may not function properly without the use of Cookies. A cookie in no way gives us access to your computer or any personal information about you.

LINKS TO OUR SOCIAL MEDIA SITES
PLEASE NOTE THAT YOUR RELATIONSHIP WITH FACEBOOK, TWITTER, GOOGLE, YELP, OR ANY OTHER THIRD-PARTY WEBSITE IS GOVERNED SOLELY BY YOUR AGREEMENT WITH SUCH THIRD-PARTY WEBSITE.

When it comes to data collection privacy, it’s far better to be transparent and state that you don’t collect personal data than to arouse suspicion from website visitors — or a competitor trying to pull a “Gotcha!” — by saying not having a Privacy Page.

If You Have the Same Policy You’ve Had for Years

Your Privacy Policy needs to be current to reflect the new law. If you have a newsletter sign-up box on your website, make mention of this in your privacy policy and let your website visitors know that your email campaign program has its own policies. Same for links to your social media platforms, and analytic programs.

Some states are proposing laws that will enable their citizens to sue businesses of any size and location simply for having a contact form without a compliant Privacy Policy.