So you’re looking for a solution to help you with your website policies? Well done! Acknowledging the need to comply with privacy laws and respect the data of your website users is the first big step a website/business owner needs to take. Now that you’ve taken that step, what’s next?
Well, all that’s left to do is find a provider that can scan privacy laws around the globe, identify which ones apply to your website, generate policies with all the required disclosures, and update each of your policies accordingly as laws change or are created.
There’s one clear winner for this undertaking, and that is *drumroll*… a privacy attorney.
HOLD ON, DON’T LEAVE!
Privacy attorneys are ideal because they’re the only ones who can offer legal advice in addition to website policies. Unfortunately, the fees associated with that legal advice can be hard to swallow if your name doesn’t rhyme with Beff Jezos.
Table of Contents
For many, the decision comes down to pricing. So let’s cover that first; starting with Termageddon.
$12/month or $119/year for one license.
- Cookie consent banner for up to 20,000 users sessions per month
- All privacy laws and all clauses
- Automatic updates
- Unlimited edits to your policies
- Policies with no Termageddon logo/branding
- 1 domain
- Custom legal policies – the policies are actually based on how you fill out the questionnaire
- Returns and Shipping Policy
- 10 data requests/month (cookie consent banner is our guess)
- Removes Enzuzo logo from policies
- Everything in the $9/month plan
- 4 domains
- Data Subject Access Request and CCPA forms
- 50 data requests/month
- Everything in the $29/month plan
- 10 domains
- Unlimited data requests
- Premium support
- Everything on the $79/month plan
- 20 domains
- Unlimited data requests
- Premium support
- End User License Agreement
- Terms of Service (includes Cancellation Policy, Shipping Policy, Refund and Return Policy, and Acceptable Use Policy)
- Terms of Service
- Return Policy
- Shipping Policy
Cookie Consent Banner Offered and Features
Termageddon (in partnership with Usercentrics)
- Covers the following privacy laws: GDPR, UK DPA, ePrivacy Directive, CCPA/CPRA, PIPEDA
- Includes: website scanner for cookies
- Automatically blocks certain cookies until a user accepts those cookies
- Includes: consent and preference tracking
- Includes: Do not sell my personal information banner
- Includes: option to change the default text in the cookie consent banner
- Includes feature for changing consent settings or withdrawing consent
- Covers: GDPR, CCPA, LGPD and PIPEDA
- Does not tell you whether you need the cookie consent banner
- Includes geolocation feature for EU only so if you select EU only, it would not be CCPA, LGPD or PIPEDA compliant because it would not show in those countries.
- Includes option to change the default text in the cookie consent banner
- Does not include a do not sell my personal information banner so not really CCPA/CPRA compliant. Their website says that this is provided but when you actually go in to create a cookie consent banner, CCPA/CPRA is not an option and you do not have the option to create a do not sell my personal information banner.
- Does not include a cookie scanner – you must add all of the services manually and classify them yourself.
- Automatically blocks certain cookies until the user accepts those cookies
- Unclear whether there is a consent log – it is not mentioned anywhere on their website.
- Support portal where you can send a message
- Support portal where you can read support articles
- Can contact them through a page on their website
- Help center where you can read support articles
- Unclear as to what “premium support” means on their pricing page
Privacy laws covered
- Australia Privacy Act 1988
- UK DPA 2018
- Nevada Revised Statutes Chapter 603A
- Colorado Privacy Act (will cover once it goes into effect)
- Connecticut SB6 (will cover once it goes into effect)
- Quebec Law 25 (will cover once it goes into effect)
- UCPA (will cover once it goes into effect)
- GDPR (this page says that it covers EU and UK, which is not the case – since UK left the EU)
- Connecticut SB6
- Colorado Privacy Act
What’s interesting is that this blog post says that the privacy laws are included but this is not reflected in their generator.
- Automatic updates offered on all policies
- Updates have been made on time for every new privacy law and regulations.
- Has a state privacy bill tracker
- say that they automatically update your policies if you are an existing customer. Did not update for Brexit. Did not update for Nevada Revised Statutes Chapter 603A since they do not cover this privacy law.
- President – Donata – Donata is a licensed attorney and Certified Information Privacy Professional, as well as the Chair of the Chicago Bar Association’s Privacy and Cybersecurity Committee. She is also a Fellow of the American Bar Foundation, a member of the American Bar Association’s Science and Technology Council, and a member of the ABA’s Cybersecurity Legal Task Force.
- Co-founder and CEO – Mate Prgin – no privacy experience
- Co-founder Tim Tsai – no privacy experience
- None of their other staff members seem to have any privacy experience (according to About Us/ LinkedIn pages
Does it help you figure out what privacy laws apply to you?
- First page of the questionnaire actually helps determine what privacy laws apply to you;
- The questionnaire includes all of the questions needed to create the disclosures required by the privacy laws that apply to you;
- We don’t make assumptions nor insert generic information for these disclosures;
Hard to tell without actually purchasing a paid plan. A couple of items though:
- Asked if our business is certified under the EU -US Privacy Shield Framework, which was invalidated as a transfer mechanism in 2020;
- Did not ask whether we share personal information or who we share it with;
- Did not ask about the legal bases of processing personal information (required under GDPR);
- Did not ask about who is accountable for our privacy practices (required under PIPEDA);
- The generator did not ask us about security measures but instead inserts this text, which may not be applicable.
- The policy is full of random disclosures (even if you were to upgrade) because so few questions are asked;
- The generator does not actually help you determine what privacy laws apply to you, nor does it cover the privacy laws that it says that it covers. For example, in the privacy rights section, it has all of these rights for VCDPA and Connecticut’s privacy law, which were not options to select.