Website Privacy Policy
What is a Privacy Policy and do I need one on my site?
This article from PrivacyPolicies.com answers these questions for you beautifully and will help you to understand what a website privacy policy is and the legalities of it. It is ultimately up to your discretion to decide if you want one on your site or not, and to provide us with that content.
How do I create a Privacy Policy?
A website privacy policy is a legal document, so the STRING Marketing team is unable to create, provide guidance on, or perform copy edits on the contents of the document. The only thing we are able to do is copy and paste the content provided onto a page on your website. We highly recommend consulting with an appropriate lawyer to review or draft a Privacy Policy for you.
This site allows you to pick and choose the sections that you need, based off of your website and business. Similar to an online DIY tax service, you answer questions about your organization and it constructs a document to fulfill your needs.
Disclaimer: STRING Marketing cannot be held responsible for allegations that result from included or missing content in your website's Privacy Policy. The contents of this document are simply recommendations to help you construct your Privacy Policy, and should not be taken as legal advice.
Your Website & User Data
Overview
Most websites we develop use a "stack" built out of the Wordpress CMS core, a theme, and numerous plugins. Our websites may also have added code, like pixels and analytics tracking, that enables 3rd party services to extend your website's functionality.
Many of these components will interact with user data, which can be protected by privacy laws within and beyond the United States.
In order to guide you and your legal counsel in preparing your privacy policy, below is a list of the most common elements that handle user data on websites we build. For detailed and up-to-date info on any component, we recommend contacting the component's authors/providers. If you need help connecting with that info, we'd be happy to assist.
String Stack and User Data Considerations
IN USE?
| COMPONENT OR SERVICE
| WHAT IT DOES WITH USER DATA
| USES COOKIES?
|
Y
| Wordpress Core
| Wordpress may access and store user data when a user posts a comment on the website. It also may store user data in the case that your site takes registrations, subscribers or memberships.
| Y
|
Y
| Anti-Spam by CleanTalk
| You will have spam protection through Clean Talk anti-spam, which can store IP addresses and has access to comment and contact form submission field data.
| Y
|
Y
| Website Contact Form (typically via Gravity Forms)
| Your contact form will store your user's email address as well as any additional fields, such as name, subject line, message and more. See your design for what will be included on your contact form.
| N
|
| Website Subscribe Forms (typically via Gravity Forms add-ons: Active Campaign, Mailchimp, or MailerLite, or a ConvertKit integration)
| Your website's subscription form will take user data to enable subscription at your email marketing platform. The website form will store any user data taken on the form, such as name and email address. That user data will be passed along to your email marketing service.
| N
|
| Popup Opt-in Forms (typically via Optin Monter)
| Optin Monster will set cookies to manage who sees your popups and when. It will also send the user's email address and any other form field data to your email marketing system.
| Y
|
Y
| Post SMTP
| Post SMTP will log email messages sent from your site, which may include replies to forms or subscription requests. In this process, it may log user's email addresses and possibly submitted form data, depending on how your replies are configured.
| N
|
Y
| Wordfence Security
| Wordfence is a security firewall. It may log user's IP addresses and it will set cookies for logged-in users, which can be relevant if you have a membership site or are delivering courses or other content that requires a login.
| Y
|
N
| HotJar
| If you request additional help with user behavior tracking, we may install HotJar. Hotjar will record and store a record of user interactions with your website. See this doc for details.
| Y
|
Y
| Google Analytics
| Google Analytics is used to track visitors to your site, so that you know how many people are visiting, what pages they view, where they're located and more. As such, Google collects IP addresses, device identifiers and client identifiers.
| Y
|
| Google Fonts
| Google fonts may be installed on your website in order to deliver web fonts. This service uses visitor's IP addresses in order to deliver font files.
| N
|
N
| Chat Widget
| If your site includes a live chat widget, user contact and message info will be transmitted and logged on a separate server maintained by GoHighLevel.
| Y
|
| ADDITIONAL CONSIDERATIONS
|
|
|
| Scheduling links
| If you have a scheduling calendar embedded on your website from YouCanBook.me, Healthie, PracticeBetter, etc., that embedded calendar takes user data through the calendar provider and does not store it on your website.
|
|
| SSL - all of our websites use SSL certificates and send data via https
| HTTPS sends data between the web server and the user's browser in an encrypted format, helping increase the security of information transfer.
|
|
| DNT Signals
| There are no accepted standards yet about what it means to respond to DNT signals. Our websites do not currently respond to them. You can note this in your privacy policy. If you need this feature, please contact STRING to discuss additional options.
| |
