Should Your Law Firm’s Website Have a Privacy Policy?

Short answer: Yes.

Medium answer: It’s best practice for you to do so, but not required by law unless you do business in the state of California and/or target children under the age of 13.

Long answer: Read on.

What is a Privacy Policy?

A privacy policy is generally a page on your website letting your users know how you collect and handle their information. It serves two main purposes. On one hand, it informs users on what is happening with their information so they can protect themselves. On the other hand, it allows webmasters to avoid potential legal issues.

Privacy policies serve a different purpose than a disclaimer, which are also good to have on your website. A disclaimer denies responsibility. For law firms, this usually means informing users that the content on your website is not and is not intended to be legal advice (and other statements along the same lines.)

Best Practices

  • Let users know what information you collect, whether or not that information is personally identifiable, and explain how that information is collected.
  • If you share user information, state who the information is shared with and how it is shared with them.
  • State that if you are compelled by law to disclose information, you will comply with such orders.
  • Give readers the option to correct, change or remove any personal information about themselves.
  • Include a last updated or effective by date.
  • Communicate if/when you’ll update it and how you’ll communicate changes.
  • If you’re not a lawyer or you outsource the writing of your policy, get it reviewed by a lawyer.

3 Tips for Writing Your Website’s Privacy Policy

  1. Don’t say you’ll never share user information with a third-party, because there’s a 90% chance you will. Do you have a web developer/marketing company working on your site? Third party. If you were legally required to share that information with law enforcement, would you? Third party.
  2. Write in plain English. Test this by having your non-lawyer non-internet marketer friend read it and see if they understand. If they have questions, answer them in your privacy policy.
  3. Put this bad boy on your website somewhere where users can see it. Add the page somewhere navigable, like your footer. Hiding your privacy policy in size 4 font or only making it accessible via sitemap doesn’t do anyone any good.

A Special Note for Lawyers

You should really probably have a privacy policy, because:

  1. You are collecting information about your users; you should tell them about it.
  2. You have the know-how to create a privacy policy without needing to consult someone else (other than perhaps your web developer to get it put online), so just do it.