I wrote Privacy Policies - which covered the use of Cookies - for my websites and blogs yonks ago.
Of course, the advent of GDPR has meant that they now ALL need to be updated to become compliant with GDPR.
However what I did not anticipate was that I would be writing and re-writing the Privacy and Cookies Policies over and over again. (For the record the one for this blog needs rewriting again and my latest / most up to date version is on Art Business Info. for Artists - but that needs more work!
That's because although I read the guidance and knew pretty much what I needed to do it took until 24-25th May before most 'well-informed' people published their new Privacy Policies - which means that I now have a huge reservoir of policies to look at to see which work best for me.
The main difference to what I had before and what I need now is that the Policy now needs to be
- spelt out systematically
- sit under heading(s) which say 'Privacy Statement' and 'Cookies Policy'.
If you haven't even started writing a Privacy Policy
I've decided that when it comes to rewriting you can't fail if you reference the Privacy and Cookies Policies of certain leading websites.
Which is why below you can find links to some of those I feel certain will have got it right. Have a read and then decide what works for you.
Information Commissioner's Office
Where better to go than the website of the Regulator?
- Privacy Notice (over several pages - but an easy read)
- Cookies Policy - their deeply nerdy goody two shoes approach has every cookie nailed and explained!
Gov.UK
Always worth checking out what they are doing on the Gov.UK website - they should be leading from the front! This is Gov.UK's
It's kept very streamlined and simple. very much a recommended read. Here's its take on Google Analytics.
Google Analytics stores information about:
- the pages you visit on GOV.UK
- how long you spend on each GOV.UK page
- how you got to the site
We do not collect or store your personal information (for example your name or address) so this information can’t be used to identify who you are.
- what you click on while you’re visiting the site
We do not allow Google to use or share our analytics data.
Google Analytics sets the following cookies.
Name Purpose Expires _ga This helps us count how many people visit GOV.UK by tracking if you’ve visited before 2 years _gid This helps us count how many people visit GOV.UK by tracking if you’ve visited before 24 hours _gat Used to manage the rate at which page view requests are made 10 minutes
The Royal Family
I just assume they have somebody advising them who knows what they are doing! Here are the policies for the website - AND their operations more generally, which interestingly artists might find interesting given there is a lot of get out and about and interact with other organisations.
Here are their:
- Privacy Policy
- Note in particular the two paragraphs relating to cookies on the Royal Family website and Google Analytics cookies - this is what I call stripped back!
The National Gallery
I thought it worth checking what some of the major art organisations were saying.
- Privacy Policy - set out in chunks with a separate page for each section
- Cookies Policy - also chunks - the advantage being you can get straight to the bit you want. They have a complete breakdown of all the cookies - which means you have a good chance of finding the ones you need to list
This is the Google Privacy Policy for the UK - with the link found at the bottom of the Feedburner website which I use for email subscriptions to this blog.
Suzanne Dibble
Suzanne Dibble is the lawyer who has grown the GDPR For Online Entrepreneurs (UK, US, CA, AU) Facebook Group from zero to 35,000+ members since February. It's probably the most sensible GDPR Group around - plus it has lots and lots of videos addressing different aspects. Worth a wade through - but a warning - you will be overwhelmed! It's targeting small businesses more than sole traders.
You haven't got a hope of copying either of the following for her business website (far too canny for that!) - but they are both definitely worth a read
Here is her:
My recommendation. Think of a website and operation that is very like you - and have a look at what they've got to say.
CAUTION: There is no way of knowing who has got it right. However taking a look at the websites of those who SHOULD be setting an example gives us a good steer towards getting our statements right.
and finally.....
All the messages coming out of ICO suggest that they are very much looking towards helping small businesses rather than fining them.
Don't ignore GDPR - but also don't anguish over whether you've got it all 100% right. If you got it wrong then all the PR suggests that they will be looking to provide guidance in the first instance
Don't ignore GDPR - but also don't anguish over whether you've got it all 100% right. If you got it wrong then all the PR suggests that they will be looking to provide guidance in the first instance
No comments:
Post a Comment
COMMENTS HAVE BEEN CLOSED AGAIN because of too much spam.
My blog posts are always posted to my Making A Mark Facebook Page and you can comment there if you wish.
Note: only a member of this blog may post a comment.