Tuesday, 10 September 2013

Is your company website legal?

Regulators are to start examining company websites to ensure that their privacy policies don’t breach data protection laws. So, do businesses need to be worried?

Stuart Haynes, of Martin-Kaye Solicitors, in Telford, said: “The Information Commissioner’s Office, responsible for enforcing data protection laws in the UK, hasn’t really concerned itself with activities on the internet so far.

“But that is starting to change. It intends to start scrutinising companies’ online privacy policies, and naming and shaming those which do not comply with the rules.”

He said: “Not only are many website privacy policies shamefully flouting data protection laws, they are sometimes being used to try to protect businesses from legal liability, and not properly informing visitors about the processing of their personal data.

“At the moment, the ICO is only scrutinising a small number of websites, and your chance of falling under its spotlight is pretty remote. But this is probably the trigger which companies need to review their privacy policies, making sure you tell visitors to your website in clear terms exactly what their personal data will be used for.

“Businesses also have to provide details of their data controller, and name any third parties which may be given access to the website’s data.”

Stuart said: “The ICO has produced an easy-to-read three-page checklist, which explains how firms can set out some of the required information. And if you’re unsure of just what you need to do to comply with the rules, seek expert advice at the earliest opportunity. Don’t leave things until the eleventh hour or you could risk serious consequences in the longer-term.”