Whether you are building a website for yourself or for a client, you have probably run into WordPress. WordPress is a free and open source content management solution that can be used to build websites with a wide variety of features, from a simple blog to a complex online store and everything in between. WordPress has long been one of the favorites of website builders, not only due to its ease of use and adaptability to your needs, but also for its large and supportive community. This community regularly meets at WordCamps to share knowledge, make new friends, and volunteer to work on the WordPress project.
- What privacy laws you need to comply with; and
- Whether the template actually meets the disclosure requirements that apply to you.
It is important to note that just these first two tasks could potentially take up hours of your time if you are attempting to complete them without help.
- California Online Privacy and Protection Act of 2003 (CalOPPA);
- California Consumer Privacy Act (CCPA);
- Delaware Online Privacy and Protection Act (DOPPA);
- Nevada Revised Statutes Chapter 603A;
- General Data Protection Regulation (GDPR);
- United Kingdom Data Protection Act 2018 (UK DPA);
- Personal Information Protection and Electronic Documents Act (PIPEDA); and
- Australia Privacy Act of 1988.
|Effective date||CalOPPA, DOPPA and Nevada Revised Statutes Chapter 603A||No|
|What Personally Identifiable Information you collect (note that some privacy laws require you to disclose the categories of PII that you collect, while others state that you need to provide the specific pieces of PII that you collect)||CalOPPA, CCPA, DOPPA, Nevada Revised Statutes Chapter 603A, GDPR, UK DPA 2018, PIPEDA, and Australia Privacy Act of 1988.||Yes|
|Sources from which you collect PII||CCPA, PIPEDA, and Australia Privacy Act of 1988.||No|
|Purposes for which you will be using the PII||CCPA, GDPR, UK DPA 2018, PIPEDA, and Australia Privacy Act of 1988.||No|
|How your website responds to Do Not Track Signals||CalOPPA and DOPPA||No|
|Whether you sell PII and, if you do, what rights consumers have regarding such sales||Nevada Revised Statutes Chapter 603A and CCPA||No|
|The privacy rights afforded to consumers||CCPA, GDPR, UK DPA 2018, PIPEDA, and Australia Privacy Act of 1988.||Yes. However, the suggested text does not include the full list of privacy rights afforded by each of these laws.|
|How consumers can make a complaint to the relevant authorities about your privacy practices||GDPR, UK DPA 2018, and PIPEDA||No|
|How long you store PII||GDPR, UK DPA 2018, and Australia Privacy Act of 1988.||Yes. The template states that certain PII is retained indefinitely, which can be a violation of GDPR’s data storage requirements.|
|Whether you plan on using PII for direct marketing purposes and, if you do, how consumers can opt out of such direct marketing||GDPR, UK DPA 2018, and Australia Privacy Act of 1988.||No|
|Your other policies, procedures, standards and codes||PIPEDA||No|
|Whether you are required to collect the PII by an Australian law, court or tribunal order.||Australia Privacy Act of 1988.||No|
|Whether you subscribe to any Australian Privacy Codes and if so, which ones.||Australia Privacy Act of 1988.||No|
|Whether you participate in any Australian external privacy dispute resolution scheme and if so, which one.||Australia Privacy Act of 1988.||No|
|Whether you combine or link other PII that you hold about an individual.||Australia Privacy Act of 1988.||No|
- The suggested text includes language that is in direct violation of certain privacy laws. For example, the suggested text states that certain PII is retained indefinitely. However, this is in direct violation of the GDPR, which requires PII to be kept for a certain time period only (e.g. 1 year) or to state the criteria that will be used to determine the storage period for PII (e.g. we retain your PII until you unsubscribe from our emails).
Hans is the Vice President of Termageddon, an auto-updating website policies generator. With Termageddon, you can generate a comprehensive set of policies for your website, and then receive automatic updates to your policies when the laws change. When not working on Termageddon, you can find Hans gardening, beekeeping, fishing or taking care of his chickens.