If you are a website designer, chances are that you did not get into this field because you are passionate about privacy law compliance. However, as you were keeping up with the latest website design trends, you may have also heard that an increasing number of website owners have been getting fined for failure to comply with privacy laws.
Since fines for privacy law non-compliance start at $2,500 per website visitor, you may be wondering: are web designers responsible for their clients’ website policies? If that’s the case, then you may also be responsible for paying privacy law non-compliance fines, so it is imperative that you first protect yourself.
In this article, we will discuss how to tell whether you are responsible for your clients’ website policies and how you can protect yourself from liability.
Table of Contents
Step 1: Check your contract
If you have a client sign a contract prior to working with you, that contract will govern your relationship and your liability regarding the website, including website policies. To check whether you are responsible for your clients’ policies, either read or have your attorney read your contract, paying particular attention to the following sections:
- Compliance: certain contracts will have a section titled “Compliance.” If your contract has such a section and it states “website design guarantees that the website will be compliant with all applicable laws, rules and regulations,” then you are responsible for the privacy law compliance of your clients’ websites, including their website policies.
- Warranty: most contracts will have a section titled “Warranty.” Usually, this section is in all caps and thus is very easy to find. If your warranty section states that you do not provide any warranties, then it is likely that you do not warrant compliance with privacy laws. However, if your contract states that you will “perform the work in a professional and workmanlike manner,” then you may be guaranteeing compliance, if guaranteeing compliance is considered “professional” in your industry and area. In addition, you should check whether the warranty section of your contract states anything regarding compliance.
- Damages: most contracts will have a section titled “Damages,” which specifies the total amount that you would be responsible for if your client sues you and they win. Keep in mind that privacy law non-compliance fines can be very high, so make sure that your damages section limits your damages to the least amount possible.
If you do have your clients sign a contract, you should first make sure that the contract does not guarantee compliance (including privacy and policy compliance), that the warranties that you provide do not open you up to liability, and that your damages are limited. In addition, you may want to consider having your clients sign a waiver that ensures that they are aware that you are not responsible for your clients’ policies. Termageddon provides such a waiver for you to use as part of our agency partnership program, which can be found here.
Step 2: Check the default rules of your jurisdiction
While it is certainly not the best, nor a recommended practice, many website designers perform work for their clients without a contract. If you and your attorney have determined that you do not need a contract, you should be aware that the default contract rules of your jurisdiction will then apply.
For example, in some jurisdictions, if there is no contract, then a default warranty will apply stating that “all work will be done in a professional and workmanlike manner” or that work will be performed in a similar manner as to other professionals in the same industry in your area. This type of default warranty can be very disadvantageous to website designers. For example, if other website designers in your area are guaranteeing compliance or are responsible for their clients’ website policies, then you may be too.
Step 3: Check your practices
If you are providing policies to your clients that you wrote yourself, copied and pasted or found on a free template website, your clients may believe that you are an expert in privacy and contract law and that you are guaranteeing that those policies are compliant. If this turns out to not be the case, then this may tarnish your relationship with your client or may even make you liable for fines that far exceed what you were paid to build the website. Thus, it is best to recommend that your client consult with a third party for their website policies, and not you.
As you can see from the above, there are multiple cases in which website designers may be held responsible for their clients’ policies. What is the best way to protect yourself?
- Have a contract with your clients that is written by a competent attorney that knows your industry and the risks that you face. Ensure that this contract adequately protects you from ensuring that the website is in compliance with privacy laws and policy requirements;
- Do not copy and paste Privacy Policies, write policies, nor provide free templates to your clients;
Recommend that your clients reach out to an attorney with experience in privacy and contracts for drafting their website policies. If your clients cannot afford an attorney, recommend that they use a service such as Termageddon to create and automatically update their website policies. When your client signs up with Termageddon or when you share a license with a client, they will have to accept the Termageddon Terms of Service, stating that Termageddon is responsible for their website policies.