skip to Main Content

Website Policies Required For Compliance

When a website is being developed unfortunately one of the last elements to be considered are the companies website policies. However the following are all required to be shown if a company is to be compliant.

Terms Of Use Policy – Covers what the website is for and if there are any costs involved

  • Is not related to terms and conditions, Terms of Use governs the actual access to the website
  • Details the fees payable for access to the website (if there are any)
  • In a perfect world a visitor to the site would be greeted by the Terms Of Use and agree to them before being allowed to view the site. We dont live in a perfect world from a legal perspective, so common practice is to display a link to the Terms Of Use prominently on each page
  • In light of web based security issues they will probably cover the prevention of unauthorised use / disclosure of passwords
Website Policies Required For Compliance

Want to pick up the phone and speak to us about your Strategy, Website, Marketing or Business Development project?
Call us on: 01733 361729

Acceptable Use Policy – Governs the behaviour of the person using the site

  • This is most relevant where interactive services are provided within the site
  • Prevents
    • unauthorised reproduction of materials (text / images / video etc)
    • unacceptable user behavior e.g hacking or creating viruses etc
  • Allows – the website owner to remove offending material (i.e. perhaps you allow visitors to comment on posts etc) or suspend a users right to access the site
  • For any breach of standards there should be contractual remedies in place

Privacy Policy – this links back directly to the Data Protection Act

2 key considerations

  • Why you are collecting any data
    • Data includes information about users online behaviour i.e. The IP Address from which they are accessing your website. So even though you may not be collecting names / payment details you may need a privacy policy
  • That the data you are collecting will be stored and processed legally and fairly
    • Policy should inform users on how data will be collected, stored and used
    • Allows controller to obtain an individuals implied consent to processing activities. So explicit consent is needed for sensitive data such as racial infomation

As is implied by many of these policies the person should have the chance to read these terms before submitting data. In an ideal world a pop up of Privacy policy in a real world a link to them near the requisite submit button.
We will cover the Cookie Policy in another article. For more information about websites that generate business and are legally compliant please call Andrew Goode on 01733 361729 or e mail

Website Policies Required For Compliance

For more information on marketing, sales and business related topics click here. To talk to a marketing and sales professional click here

On Line Data Protection Key Principles

The Key Thrust To Data protection

1: Tell people what you are going to do with their data before you gather it
2: Within your organisation you need to identify who is the Data Controller
3: If you are capturing and storing names, emails etc you need to have a Data Protection Licence

Data Protection Key Principles

  • Personal data includes
    • Names
    • Addresses
    • Telephone numbers
  • Processing includes
    • How the data is obtained
    • The approach / techniques used to record the data
    • How the data is retained / held within the organisation
    • How the data will be used
    • Disclosing and erasing of the data
  • Data subject: This is the individual about whom personal data is processed
  • Any data obtained must be processed fairly and lawfully
  • An organisation needs to identify who is assigned to be the Data Controller
    • The data controller equals the person who determines the purpose for which and the manner for which personal data is to be processed
  • The data controller to notify the Information Commissioners Office (ICO) before processing and failure to notify is a criminal offence. There is a wealth of information on the ICO website
On Line Data Protection Key Principles

Data Protection Make Sure You Stay Legal

    • If you have a website and on that website you have a contact us enquiry form box in which a person adds their personal details and submits a request you need to have a data protection licence.
    • If you have been collecting business cards from an exhibition, trade event, networking event etc and are building a database of prospects even if it is a simple spreadsheet you need to comply with data protection.
    • If you have purchased (or acquired) a list of prospective customers that you have now stored on your customer relationship management system (Workbooks, Salesforce, Act etc) you need to comply with data protection
    • If you have a website which has a data capture form whereby information is fed directly into a Mailchimp list – you need to make sure you comply with data protection.
Back To Top