SixFive’s Privacy Policy Generator will now include a cookie consent system. This new feature comes with a price rise on July 1st 2023.
Here’s what that means for your business.
Cookies, Anyone? 🍪
While people are passively familiar with cookies, they may not know why they pop up. As it turns out, cookies are essential for both users and businesses.
For Users
When you visit a new website, you might be asked to “accept,” “reject,” or “customise” cookies. The simple act of clicking “accept cookies” is called “cookie consent,” which is a part of your website’s Privacy Policy.
A Privacy Policy is a legal statement that clearly explains how a company uses and discloses their users’ personal information. As for cookies, they’re the technology responsible for tracking that information.
Cookies are small files that track user data that the website requires to operate, such as:
- Login and session details
- Email addresses
- IP addresses
- Geographical location
- Previously visited pages
- Time on site
So, whenever you accept a cookie on a website (even when you just want to get that banner out of your way), that means you’re allowing a specific website to track all of the above data.
The primary reason why website owners collect their users’ data through cookies is to make their website functional – these usually cannot be disabled.
The secondary reason is for analytic, and marketing purposes in order to gain insight on their target audiences. These are commonly using data with a third party like Google, Facebook and LinkedIn.
While they’re a great tool for site owners to reach a target market, they’re only safe to accept when compliant with the privacy laws of your users location.
To protect their users’ data, website owners must follow a strict set of rules. They must:
- Let people know if they set cookies on their website
- Explain what cookies are for and what they do, in plain language
- Get the person’s full consent to store a cookie on their device
- Get fresh consent if your use of cookies changes over time
In short, users need to understand that your website is capturing their sensitive data. Which is why your cookie policy needs to be as secure and explicit as possible. To borrow from the Information Commissioner’s Office (ICO):
“To be valid, consent must be freely given, specific and informed. It must involve some form of unambiguous positive action – for example, ticking a box or clicking a link – and the person must fully understand that they are giving you consent.”
That’s why cookie consent banners often come with so much text.
For Businesses
Businesses are required by law to protect their customers. Failing to do so could damage their reputation and result in hefty fines.
If your website collects customer information via contact forms (99% of websites do), uses an analytics platform (especially Google Analytics 4), links data to social media, or collects Personally Identifiable Information (PII), you need a cookie consent policy within your Privacy Policy.
Businesses need full consent from the user before using first or third-party cookies on their device. They also need to clearly let them know how to opt out of those cookies if they ever wish to.
Why You Need to Keep Privacy In Mind
Visitors Know Their Data Is Being Used, So You Might as Well Be Honest About It
Users are increasingly aware of their data being used for target advertising. With that awareness come privacy concerns. Governments are actively passing stronger laws designed to protect consumer privacy.
That’s where cookie consent comes in: they provide users with increased control over their personal data.
And if you think being transparent about your consent policy could discourage visitors from buying, think again.
An experiment from Harvard Business Review revealed the following results:
“First-party sharing by telling shoppers that an advertisement was based on their activity on the site, click-through rates increased by 11%, the time spent viewing the advertised product rose by 34%, and revenue from the product grew by 38%.”
Cookie privacy isn’t about spying on your visitors, but rather about transparent data collection. Users should know that their data is being used for ethical personalisation purposes only.
You’re Liable for Any Data Breaches That May Occur
Website owners tend to only worry about privacy when things go awry. You shouldn’t do the same.
As a website owner and a business operator, you’re 100% responsible for the data of those who visit your website. Anything happens to that data, and you could find yourself on some thin ice.
You may have heard about some of the infamous Australian data breaches in 2023 reported by the Office of the Australian Information Commissioner (OAIC). The three breaches that stood out were Optus, Woolworths Mydeal, and Medibank. Together, they hit over 13 million people. In a period of just six months!
It’s no wonder users are sensitive to their data and how it’s used. We’d be scared, too.
Privacy Laws Are In Constant Change
While it’s not impossible to keep up with the reforms in privacy laws, we’re willing to bet that you don’t have the time to do it.
For instance, the Australian Privacy Act 1988 is currently in a reform process. The improvements are aimed at strengthening the protection of personal information, as well as the control individuals have over their information.
- Expands definition of “personal information”
- Provides users with the right to withdraw consent (whenever they want to)
- Includes right to opt out of targeted advertising
Proposed bills are ever-changing, so you’ll need to keep your Privacy Policy up to date. Or, you could make your life easier with policies that self-update whenever the law changes.
You Could Declare Bankruptcy
Not having a Privacy Policy in place could make you a target to fines from $2,500 to €20,000,000 for violation of the General Data Protection Regulation (GDPR). AKA, the toughest privacy and security law in the world.
That’s just the fine, by the way. You’re also very likely to lose even more money with lawyers – not to mention time, peace of mind, and even your whole business.
Our customers proactively manage this risk, as they’re backed by the wizard legal team behind Termageddon. The Termageddon team will keep watch on the laws for you and automatically update your policies when required.
You Need to Comply With the Legislation of Your Website Visitors
Not everyone knows that, as a website operator, you have to deal with the legislation of the person’s location as well as the legislation you reside in as a company.
We’re from Australia, but we’re GDPR compliant because we get visitors and customers from the European Union (EU). By processing their data, we need to comply with their local laws. Not just ours.
It’s not about where you are – it’s about where your visitors are from. That’s why different laws need different kinds of cookie consent.
Therefore, if you sell to people and collect their data in the EU you need to comply with the GDPR.
It’s that simple…and that complicated. You can make things easier by choosing the right businesses to partner with.
Enter SixFive’s updated Privacy Policy Generator.
What’s Changing In SixFive?
We’re now adding the UserCentrics cookie consent system to our Privacy Policy product.
The Usercentrics Consent Management Platform (CMP) makes cookie usage and tracking technologies on your website 100% compliant and transparent. So that your privacy policies will automatically adapt to the current legal landscape of your customers. And so that you can stay out of legal trouble.
By teaming up with Usercentrics, you can leave the gruntwork to us.
Here’s why you wouldn’t want to do that work yourself…
More Bills Are Always Being Proposed
There’s a mega-list of global privacy bills, all of which could affect your obligations as a business. And your Privacy Policy must change as they change. Side note: they change frequently.
Our partners at Termageddon keep track of those bills so you don’t have to. They also automatically update your policies when needed. This allows you to be compliant in those jurisdictions with strict privacy requirements.
More Laws Are Being Passed
There are at least six brand new privacy laws coming into effect in 2023. These are:
- The California Privacy Rights Act
- Virginia Consumer Data Protection Act
- Colorado Privacy Act
- Utah Consumer Privacy Act
- Connecticut SB6
- Quebec Bill 64
You have the right to be overwhelmed. After all, your Privacy Policy should comply with all of the above.
Why Get a Privacy Policy Generator?
We like to say that we need to look after our customer’s data not by copy-and-paste templates or by guessing, but by being good humans.
Sure, you could get yourself one of those ready-made policy templates. But who’s going to update that for you? Who’s going to be on the watch, making sure it’s protecting the data from your customers around the world?
Copy-and-paste templates are static. The law isn’t. Besides, templates aren’t customised to your business, which could put you at risk of privacy-related fines.