Why you should care about your website privacy notice

by Startacus Admin
Over the last few weeks Thomas Taylor a director at Legal Document provider Net Lawman has written some fab posts for Startacus. First up came why forming a company shouldn’t be a priority when starting a business and then last week Thomas returned with an equally burning dilemma - If your Co-founder Left, Who Would Own Your Business?
This week Thomas returns, to highlight why you should care about your website privacy notice. Over to Thomas to explain all...
Having a privacy policy is nothing new. For years, website owners have been telling their visitors how they use personal data.
There have been two reasons: first, to re-assure visitors that their data is safe, that you will not sell it or spam them with marketing messages; and second, because the Data Protection Act 1998 provides that they must comply with certain rules. Compliance is administered by the Information Commissioner’s Office (“ICO”).
After several small changes, the rules changed dramatically with the Data Protection Regulations 2013. To emphasise the changes, they even came up with a simple new name for the document: a “privacy notice”. (The new regulations are technically part of the Act.)
The ICO suggests placing the information you need to provide in a privacy notice, and making that page available from any page on your site. In that way, you comply with the need to make the information accessible whenever someone might need it. Most sites link to it in the footer.
The main changes are:
- Your privacy notice must contain a lot more information than before.
- Your obligations to comply are greater.
- There is a whole new obligation around cookies. You have to ask every visitor to your website whether he trusts you with your data – hence those little pop-ups about cookies everywhere.
Every one of us who runs a website is also a private individual. We like to be free to choose what specific things other people know about us – no matter how freely we use social media. The present Act appears to be powerful and it does protect us to some extent. However, where cookies are concerned, many website operators agree that the rules are “overkill”. But that is how it is. If your website uses cookies, it has to show one of the many variants of pop-up notice you now see everywhere, and it has to show a privacy notice to explain what it is all about.
There are exceptions. If you use social media accounts as a front for your business (such as a Facebook page), or your store is within another site, such as Etsy, Amazon or eBay, then it is the responsibility of the store provider or social media site to inform visitors.
The law aims to make sure that information is collected and used fairly and transparently. It should, provide an individual with information about the organisation; how the data will be used; and who the data will be shared with. It must take in to account the current use of the data as well as likely future uses.
The Information Commissioner’s Office (ICO) has created a “Code of Practice” (which is well worth reading) to guide businesses as to what they should tell their visitors and customers. Although you don’t have to follow the Code, you do have to comply with the law, and following the Code is the easiest way to do this.
The Code is based on eight principles. We can summarise them in six as:
- You take personal information only if you really need it for your transaction with your user and the extent that you need it.
- You must not keep the data longer than you need it.
- Personal data you record must be accurate and kept up to date. (There is no help with how you are to do that. We assume it applies only to date you do not take directly from the human owner).
- You cannot keep the data for longer than you need it for the purpose for which it was given.
- You must take technical steps to prevent unauthorised use of the data, loss of it or damage to it.
- You must not transfer the data to a country where the privacy requirements are substantially less protective than the UK.

The good news is that although there are criminal sanctions for breach, there is no organisation with the money and organisation to police this law. Any retribution for breach is likely to be through a civil court. However, that will not be very effective either because the aggrieved person would have to be able to prove that he had lost money in some way, by the breach.
So, a cynic might say that provided you comply as best you reasonably can, this law is unlikely to hit you hard. That means just two things:
- Get a really good privacy notice; and
- Show one of those cookie permission pop-ups.
Your privacy notice needs to be readable. That means both that your visitors must understand them (a good reason to use plain English rather than legalese) and that the font style and size should be large and clear.
It is tempting to copy the notice of a competitor, but you should be careful in doing so. His might not be a good example – it might not comply with the law, or his business might be slightly different to yours. It is better to find a template online that you can customise from scratch. Net Lawman, for example, provide one for free.
Having a good notice isn’t just about legal compliance. Your visitors will see that you care about their privacy and trust your site. And some of those visitors are not human, but search engines. Although Google has recently been in hot water with the ICO over non-compliance with the law, the search engine has indicated that it looks at whether your site clearly displays a privacy policy as a trust signal when deciding how highly to rank it in the search results.
It is probably something you would rather not deal with, but making sure you have a good privacy notice in place will benefit your new business.
About Thomas
Thomas Taylor a director of Net Lawman, an alternative for small and growing businesses to using a solicitor to obtain legal documents. He is a qualified accountant (FCCA, FPA/FIPA).
Subscribe to our newsletter
If you would like to receive our startup themed newsletter, full of the latest startup opportunities, events, news, stories, tips and advice, then sign up here.
Got a business in the manufacturing sector? These tips on how you can reduce energy costs while being more sustainable are well worth a read...

Innovative InsurTech startup SureIn announces a €4M Seed round to further its mission of making insurance easy, transparent and hassle-free for SMBs.

Nassia Skoulikariti, Director of IoT Programmes, Mobile Ecosystem Forum shares some insights on how IoT is having a significant impact on all our lives.

Roger James Hamilton, Founder and CEO of Genius Group, a world-leading entrepreneur Edtech and education group, discusses how introducing a globalized curriculum will help better prepare students.

SuperFi, the debt prevention platform, has announced a $1m pre-seed funding round to support people during the cost of living crisis.

41 startups from 13 countries, including the UK, have been selected for the 8th Kickstart Innovation program, one of Europe’s leading innovation platforms.

Personal training platform Another Round has secured £300k in its latest fundraise, including investment from angels and its community.

Thingtrax Secures £4.3M to Empower Manufacturers to Build the Factories of the Future

A measure of inflation relief for small firms sees transport costs fall but service price increases remain elevated

Bedfordshire-based HR tech startup HR DataHub has built a range of tools for HR departments
Published on: 18th January 2016
If you would like to enable commenting via your Startacus account, please enable Disqus functionality in your Account Settings.







- SureIn Secures €4M to Close the SMB Insurance Gap 15th Aug 2023 Innovative InsurTech startup SureIn announces a €4M Seed round to further its mission of making insurance easy, transparent and hassle-free for SMBs.
- SuperFi raises $1M pre-seed funding round 28th Jul 2023 SuperFi, the debt prevention platform, has announced a $1m pre-seed funding round to support people during the cost of living crisis.
- Startups rely on AI & sustainability for new partnerships 27th Jul 2023 41 startups from 13 countries, including the UK, have been selected for the 8th Kickstart Innovation program, one of Europe’s leading innovation platforms.
- Another Round closes £300k Seed round to revolutionise personal training 21st Jul 2023 Personal training platform Another Round has secured £300k in its latest fundraise, including investment from angels and its community.