Delaware is serious about website Privacy Policies. Who's compliant?

Sep 15, 2015 12:16:13 PM

It's not just online retailers or SaaS companies that need to worry about conspicuous posting of terms online anymore. If you're collecting consumer data in some states, you're required by law to have your privacy policy posted clearly, conspiciously, and out-in-the-open.

Starting January 1, 2016, the new Delaware Online Privacy and Protection Act requires any site that collects consumer information online to do just this. The law specifically requires anyone collecting "personally identifiable" data to have a privacy policy "conspicuously available" online. What does conspicuously available mean here? Rather than take our word for it, let Melissa Krasnow of Dorsey & Whitney LLP explain the criteria for compliance right here:

  • A Web page on which the actual privacy policy is posted if the Web page is the home page or first significant page after entering the website.
  • An icon that hyperlinks to a Web page on which the actual privacy policy is posted, if the icon is located on the home page or the first significant page after entering the website, and if the icon contains the word "privacy." The icon must use a color that contrasts with the background color of the Web page or is otherwise distinguishable.
  • A text link that hyperlinks to a Web page on which the actual privacy policy is posted, if the text link is located on the home page or first significant page after entering the website, and, if the text link includes the word "privacy," it must be written in capital letters equal to or greater in size than the surrounding text, or be written in larger type than the surrounding text, or in contrasting type, font, or color to the surrounding text of the same size, or set off from the surrounding text of the same size by symbols or other marks that call attention to the language.
  • Any other functional hyperlink that is displayed such that a reasonable individual would notice it.
  • For an Internet service that is not a website, any other reasonably accessible and visible means of making the privacy policy available for users of the Internet service. [Del. Code tit. 6, § 1202C(7).]

Delaware's not the only state requiring this sort of conspicous display of online privacy policies, either. California has had similar legislation in place since 2012 — requiring the proper display and notice for privacy policies. (We'll discuss that a bit more later.) Still, the message from lawmakers is clear: the display of your privacy policy should be a priority, not an afterthought.

So, what are you doing to protect yourself from an unnecessary legal battle?

PactSafe's tools allow you to publish, track, and display your online privacy policies in a way that can be certain to allow in-house lawyers to sleep easy at night — knowing you're providing the conspicious notice necessary to keep your company in compliance with these new and evolving laws as you manage website legal. 

Want to learn more about how exactly PactSafe can keep you compliant? Schedule a demo today.

See a Demo

Kyle Robbins

Written by Kyle Robbins