Please note that in no way is Help Desk Cavalry providing legal information or counseling in this article. The content below is offered for your information only and any concerns or questions about complying with current laws should be directed to a legal professional.

You may not realize it, but regardless of how big your company is—from a one-person flower shop out of a garage to a five-person family-run dry cleaners—you are collecting Personally Identifiable Information (PII) every day. Generally speaking, this includes data that can help identify an individual and perhaps even get in touch with them. Examples are a form on your website where people can get in touch with you, asking for details such as name, phone number, and email address.  Or information that they need to provide at the time they purchase your product or service–even something as simple as making an online payment on your site entails sharing their PII with you.

As a business, it is your legal responsibility to have a privacy policy in place before you collect, store, and use this data. A privacy policy tells others how your business will be using and be accountable for all that PII.

WHAT IS A SMALL BUSINESS PRIVACY POLICY

A privacy policy is a legal statement that tells your customers how, when, and why you gather their information and what you do with it. It lets them know whether you keep their information confidential, share with anyone, or sell it to other businesses.

For small businesses, the privacy policy must clearly describe what information you collect, including names, addresses, email addresses, and payment information.

IMPACTS TO WASHINGTON STATE BUSINESSES

The US doesn’t have a federal law that makes a privacy policy compulsory, but many states do. In 2021, Washington state passed Senate Bill 5062, dubbed the Washington Privacy Act. It would give consumers the right to access, correct, and delete personal data collected by businesses, and companies would have to issue privacy notices and adopt reasonable security standards.

This means that while Washington is not currently on the list of states enforcing their own privacy laws, it soon will be. This means that your small business will be on the hook for bad practices, like offering noncompliant mobile forms on your website, improperly collecting data, or not giving customers the ability to have their PII data deleted from your records.

BENEFITS OF HAVING A SMALL BUSINESS PRIVACY POLICY

It can protect you in the court of law

A privacy policy is more than just a legal requirement, it can safeguard you from potential lawsuits. Asking new customers to accept your stated privacy policy can protect you, if the information and the way in which you used/shared/stored it is covered in the privacy policy and authorized by the customer.

It enhances your brand image and helps build trust

By having a privacy policy in place, potential and existing customers will see your company as one that takes data and information security seriously. Not to mention it portrays an image of being a knowledgeable, modern company that cares about their customers. This naturally enhances your brand image and helps build trust.

WE DO THIS EVERY DAY

While we can’t provide you with the content you’ll need for your privacy policy, we can absolutely make sure that your cybersecurity supports what you say in it. If you’d like to learn more about how, just contact us. We’d love to talk through where your security is now and where it needs to be to keep your company, employees, and customers safe.