Understanding Privacy Policy Gaps

Oct 2021

Privacy Policy GapsPrivacy policy gaps can leave your business susceptible to a lot of legal issues. Although many business owners aim to set their teams up for success, it can be difficult to know exactly what to include in your policy and how to be transparent about your data practices. We sat down with Jodi Daniels, Certified Informational Privacy Professional and founder and CEO of Red Clover Advisors, to learn more about why you need a privacy policy and how to create the right one for your business.

Companies That Need Privacy Policies

Some companies don’t think they need a website privacy notice because they don’t collect any sensitive information. However, even just collecting a name and email is enough to require a privacy notice. And if you are collecting even more detailed information about site visitors through analytics, your website needs to have a privacy policy in place. Without the right notice in place, your business is at risk.

Policy Gap Analysis

Privacy laws around the globe have specific requirements about what should or should not be included in a company’s privacy policy. 

“Most require the company to disclose what personal data they are collecting, how they are using it, and if they are sharing or selling that data, among other things,” Jodi says. 

A privacy gap analysis looks to see if a company is adhering to these laws and actually doing what their policy states regarding collecting, using, and sharing data. Many times, these analyses reveal very common problems. These include:

  • Using a generic policy
  • Not being in line with the laws in prospective jurisdictions
  • Collecting, using, or sharing information without disclosing these actions to site visitors
  • Missing required disclosures from advertising and analytics vendors

Many businesses also fail to make their privacy policy customer-based. Even if your business has a home base on the east coast, your privacy policy needs to comply with privacy laws for consumers that also live in other parts of the country, or even on the other side of the world. These common mistakes can lead to bigger legal issues if not corrected.

Legal Ramifications of Privacy Policy Gaps

More and more consumers are demanding privacy transparency from businesses all over the world. As a result, many countries, including the U.S., are adopting comprehensive data privacy laws.

“Enforcement of these laws is also ramping up,” Jodi tells us. “California just created the first state-level privacy protection enforcement agency in the U.S., and Congress is considering providing more resources to the Federal Trade Commission to investigate and enforce federal privacy laws. These would supplement the already strong level of enforcement in the EU.”

Companies that do not have a clear policy in place may be subject to hefty fines from regulators and private enforcement.

Benefits of an Optimal Privacy Policy

Every business should have a privacy policy in place that is easy to understand and reflects the company’s respect for data privacy. Jodi is a strong advocate of privacy policies. 

“Companies should have a privacy policy on their websites not only because they are often required by law, but also because having a good privacy policy is actually good for business,” she says. “And if done correctly, they are relatively easy to implement.”

Protect Your Website from Privacy Policy Gaps

“A lot of companies think that they can get by using a privacy policy from a competitor and making a few minor tweaks, but often what works for one company does not necessarily work for another,” Jodi says. 

The best way to craft an optimal privacy policy is to understand how data is collected, used, and shared on your site. Then you can properly disclose the elements of this information to users that visit your site. An ideal privacy policy that truly protects your business needs to be reviewed by an experienced privacy professional. Certified pros like Jodi Daniels understand the complexities of privacy laws and can eliminate gaps that could threaten your business.

megaphone90% of consumers believe companies need to protect personal information more proactively.

How well is your website properly disclosing your privacy practices?

CLICK HERE to sign up for a complimentary 30 Minute Website Audit.

Brianna's signature








Fill out the form below to start your conversation with KWSM.

Core Values at KWSM a digital marketing agency