You Gotta Have a Privacy Policy – Use iubenda to Generate Yours

In Resources by Chris Foley


The web landscape has sure changed a lot in recent years. It used to be the Wild West up in here, and lately a curious and Wiley creature has been rearing its ugly head. That creature is known as compliance.

There's a whole lot to get compliant around nowadays. First we have the necessities of building your site around a mobile-first framework, or else you lose a lot of traffic and potential customers. Google likes mobile friendly sites and has already begun downranking sites that aren't recognized by their system as being mobile-ready.

Second is security. We're seeing the end days of the HTTP protocol as the web makes way for HTTPS everywhere, even if you're not selling anything on your site! That's right, if you want to rank better and build trust with your visitors, it's time to consider purchasing an SSL certificate for your site. My site is fully secured with SSL right now, in fact, and yours should be too.

One area of compliance that you are likely unaware of is a pretty serious one because neglecting it doesn't simply result in lower page rank and lower traffic; ignoring this one can result in your being slapped with some serious civil fines. I'm talking about your site's Privacy Policy. It's 2015 now and you've got to have a Privacy Policy prominently displayed somewhere on your home page, preferably in the footer.

The Online Privacy Protection Act (OPPA)

This act has been kicking around since 2004 but nobody I work with has ever heard about it. Essentially, the requirements are that:

the operator of a website must post a distinctive and easily found link to the website's privacy policy...The privacy policy must detail the kinds of information gathered by the website, how the information may be shared with other parties, and, if such a process exists, describe the process the user can use to review and make changes to their stored information. It also must include the policy's effective date and a description of any changes since then.

Now, this isn't just a California thing; other US States have picked this up as well, and it's also a required element across all EU member nations. I figure it like this: I have a website and I have visitors coming in from all over the world. Thus it's not worth the liability to ignore it.

As you can imagine, writing a comprehensive Privacy Policy is a major Pain in the Ass. Maintaining said Privacy Policy is an even bigger Pain in the Ass, especially as you experiment with new and exciting website features. Just to put this in perspective, here's a quick example:

Do you collect subscribers on your site? Of course you do. Well guess what? You must disclose what system you use to collect the info, including what information you're collecting, and what you're doing with that information. Oh joy.

Do you have a comments section on your blog? Well, duh. Yup, you have to disclose all of that info too.

Who has time for that?? If we're building you a website, I'm going to make you post a Privacy Policy page, and you're not going to want to write it. And you certainly do not want to pay me for the several hours required to hand write one.

iubenda to the Rescue


iubenda is a web service (tool) that allows us to generate a Privacy Policy for our sites in a matter of minutes. It's very simple to use. You select from a list of services that you might have on your site, and iubenda adds those services to your Privacy Policy which you then embed into your site. That's it. Later down the road when you start using (say) Stripe Payments or PayPal Payments Pro, or when you move from Constant Contact to MailChimp (which I recommend you do, NOW) you simply login to your iubenda account and tick the appropriate boxes. Since your Privacy Policy is embedded into your site it is automagically updated on your site the moment you submit your changes to your Policy.

services-e4e90b01f3890219e8895793fd0a5939Additionally, the Privacy Policy doesn't just list what services you employ on your site, it lists out what those services do, what info they collect, and why that service collects the information. When your visitor clicks on your Privacy Policy link, they can dig in as deeply as they want and find your full disclosure.

iubenda employs a legal team to stay on top of changes in these services and their design team has put together something far more attractive than an online legal brief.

Our privacy policy is a carefully crafted combination of design, usability and information architecture

Man, I have sold this thing 25 times in the past 6 months alone, and much to my dismay, they do not pay me a commission!

Anyway, if you want to see iubenda in action, simply click on the Privacy Policy link in the footer section below. Once the Privacy Policy pops up, you can scroll down to the bottom and click on "Show the complete Privacy Policy" to see exactly what's going on. They've included these great little accordion boxes which open when clicked to reveal the purpose behind each service installed on my site. Pretty cool!

All in all, setting up the iubenda Privacy Policy for my own site took me about 15 minutes and then another 5 minutes to get it into my footer.

iubenda is not free. There are two ways in: if you've only got one site, an iubenda Privacy Policy will cost you $27 per year. Or if you have multiple sites you can get 5 policies for $9 per month. If this sounds expensive to you just try paying a massive civil penalty as Path and Delta have. No thanks!

They've also added Cookie Policy Integration to the product, which is already law in the EU, so if you're doing business in the EU, iubenda is a must-have application.


Do you like what you see here?

Get the newsletter

I write two newsletters each month.
One for brands and and one for freelancers and small business persons.

[mc4wp_form id="6995"]

Do you like what you see here?

Get the newsletter

I write two newsletters each month.
One for brands and and one for freelancers and small business persons.

[mc4wp_form id="6996"]

Thank you for stopping by. You're the best.