Have a website? Check.
Doing e-Commerce? Check.
Have a privacy statement prominently posted on your site? If not, get one. Now.
California recently passed legislation requiring anyone collecting potentially sensitive information online to have a clear privacy statement posted on the website. They are not the only state doing so, and if you do online sales, it is likely you do business in California and other states that require a posted privacy statement.
In the Rain system, it's super easy to put up your own statement and link to it in prominent places. First, you'll need the text for your statement. The Better Business Bureau offers this free sample one you can adjust to your own preferences and use on your site. While you're at it, if you don't have an Online Terms and Conditions statement, here is a free one offered by Rocket Lawyer.
Here is a video showing how you can create your Privacy Statement page and publish it. Also, it shows where in the Settings you can require your online shoppers to agree to your Terms and Conditions.
Key Questions About Privacy Policies
There is no single law regulating online privacy. Instead, a patchwork of federal and state laws apply. Some key federal laws affecting online privacy include: The Federal Trade Commission Act (FTC)– regulates unfair or deceptive commercial practices. (Source - Thomson Reuters Legal)
What do I need to know about California's new data privacy law?
The California Consumer Privacy Act (CCPA), which was signed into law in June 2018 by Governor Jerry Brown, is the first United States law following in the footsteps of GDPR. ... Additionally, the CCPA requires that the California Attorney General publish regulations between Jan. 1, 2020, and July 2, 2020. (Source - Law.com)
What states have data privacy laws?
At least 31 states have already established laws regulating the secure destruction or disposal of personal information. And at least 12 states: Arkansas, California, Connecticut, Florida, Indiana, Maryland, Massachusetts, Nevada, Oregon, Rhode Island, Texas, and Utah have imposed broader data security requirements. (Source - iApp.org)