by Russ Michaels | Apr 22, 2018 | Tech Stuff, WEBBY STUFF, WordPress
Privacy policies are one of the most overlooked aspects of most websites. If you stop to look around most of the popular sites you visit, you’ll find they all have unique privacy policies (though the specific page’s traffic is usually low). Even so, these documents are important if you want your website to comply with local and international regulations.
More importantly, you don’t need to be a lawyer to add a thorough privacy policy to your website. In this article, we’ll talk more about why privacy policies are significant and we’ll teach you about some essential clauses. Then we’ll introduce you to three tools you can use to help you create a privacy policy for your website.
Let’s talk privacy!
What Privacy Policies Are (And Why They’re Important)
Privacy policies can look intimidating, but you should always read them when possible.
Privacy policies are legal documents informing users what you do with their data. For example, if you collect email addresses, names, and birthdays during the user signup process, you need to tell users what happens with their information. For example, some websites might use it for internal purposes only (such as customer profiling). Others might sell the information to third-party services, in which case consent is necessary.
As you’ll be aware, privacy policies are usually skipped over by the majority of visitors. However, there are several benefits to adding one to your website:
Although some countries don’t require the use of a privacy policy, you can still be held liable under international law for not following regulations. If you have European Union (EU) users, for example, you need to comply with the GDPR. Given the chances of getting fined for non-compliance, adding a privacy policy to your website is simple – and it’s a smart business move.
Ideally, you’d enlist the help of a lawyer to help you draft your privacy policy. However, that’s not a practical option for the vast majority of site owners. Knowing this, a lot of online services have sprung up to help fledgling websites craft basic privacy policies to cover their bases. However, before discussing them, let’s look at what your privacy policy should contain.
3 Clauses Your Website’s Privacy Policy Should Include
These three clauses won’t, in most cases, be enough to craft a well-rounded privacy policy. Think of them only as the basics that any such document should include. We encourage you to do further research into other critical clauses.
The next section will explore some tools to generate full privacy policies with little input from your end. Even then, it’s essential you have a working understanding of what their basics are.
1. How and What Type of Information You Collect
This clause is the bread and butter of privacy policies. It details the exact information you collect, and how. To recall our earlier example, you can get email addresses and names directly from signup forms. However, there is also data you can obtain without the user knowing. For example, Google Analytics tracks the user’s preferred web browser, which needs to be mentioned.
Ideally, visitors would take a look at this clause and decide if they’re comfortable using your services, but more pertinently, it covers your bases legally. Here’s an excerpt from a common privacy policy, discussing what type of information we collect and how we do it:
Personally Identifiable Information refers to information that tells us specifically who you are, such as your name, email address, or phone number. Downloading information or logging in may allow the Company to “recognize” you to allow us to personalize our service for you.
This first section discusses what we consider to be personal information, as opposed to anonymous data we might collect. It also mentions we may use the information to personalize your user experience. In our case, logging in is only necessary to download products you may have purchased, so it’s not obligatory.
2. What You Do With the Information You Collect
Plenty of websites engaged in the practice of selling or sharing user data. Other services use this to personalize content and ads, among other elements. Other potential applications include using the information to enforce terms of use, improving your website’s services, and more.
Regardless of the application, this clause is critical because although users may consent to share personal data, they might not be happy with how you decide to use it. Here’s a short paragraph from our privacy policy outlining our general use of private information:
For our Clients, we use personal information mainly to provide the Services and contact our Clients regarding account activities, new version and product offerings, or other communications relevant to the Services. We do not sell or share any personally identifiable or other information of End Users to any third parties, except, of course, to the applicable Client whose website you are using.
For example, if your ZenMSP service is about to expire, we send you an email reminder. In this case, we’re using your personal information to provide an update.
In any case, if you’re not comfortable with the way a website uses your information, the GDPR outlines the ‘right to be forgotten‘. This means sites are bound by law to delete your information if you ask them to cancel your account, for example.
3. Your Use of Cookies
Cookies are files on your computer that contain personal settings for specific websites. The term itself supposedly comes from ‘magic cookies’, which are a type of token used by UNIX-based Operating Systems (OS).
In any case, websites use cookies to track what you do within them. For example, cookies enable you to stay logged in even if you leave the website (although there are limitations). According to the European Union’s Cookie Law and new ePrivacy Regulation, sites need to inform visitors about their use of cookies and provide an option to disable them. Here’s an excerpt from a privacy policy’s section on cookies:
We use cookies, tracking pixels and related technologies on our website. Cookies are small data files that are served by our platform and stored on your device. Our site uses cookies dropped by us or third parties for a variety of purposes including to operate and personalize the website. Also, cookies may also be used to track how you use the site to target ads to you on other websites.
The above explains how cookies are used and what they are. Later on in the policy, we would also discuss how you can opt out of using cookies, including those served by third-party services on our website (such as Google and MailChimp).
3 of the Best Privacy Policy Generation Services to Consider
Although we fully recommend the services we include in this section, you should always review the language of any privacy policy you generate with any of them, just to be safe. Let’s take a look at the options.
1. iubenda
iubenda is an online website privacy policy generator that stands out thanks to its ease of use. It uses modules to help you pick the exact clauses your privacy policy should include, and adjust their terms depending on which services you use. For example, if you’re part of the Amazon Associates program, you can add the necessary language to your policy with a single click.
Key Features:
- Uses simple module system to build a comprehensive privacy policy.
- Lets you customize your policy using your company’s information.
- Enables you add necessary clauses for several popular third-party services, including Amazon Associates and Google Analytics.
- Provides automatic updates to your policy based on any new regulations.
Price: Free and paid plans available | More Information
2. TermsFeed
TermsFeed enables you to generate basic privacy policies in minutes, and customize them using your site’s information. Each time you want to create a new policy, the service will walk you through a questionnaire to help you determine the clauses you need. When the process is over, you’ll receive your new policy via email in seconds. The platform also offers you the option of updating your policies automatically as laws change.
Key Features:
- Enables you to generate custom privacy policies using a simple questionnaire.
- Lets you adjust your policy to comply with national and international laws.
- Provides automatic policy updates whenever the law changes.
Price: Free and paid plans available | More Information
3. Shopify’s Privacy Policy Generator
Shopify’s Privacy Policy Generator is a bit more narrow in scope than the other tools we’ve discussed. Its clauses are tailored for Shopify websites specifically. However, you can generate one of their policies in seconds and use it to check out essential clauses regarding how to deal with payment information.
Key Features:
- Lets you generate a privacy policy for your Shopify store.
- Enables you to outline how you deal with customer payment information.
- Gives you the ability to customize your privacy policy based on your store and its location.
Price: Free, but you need a Shopify subscription to get the most out of it | More Information
How to Create a Website Privacy Policy Using iubenda
For this portion of the piece, we’ll use iubenda given its ease of use and reasonable pricing structure. To get started, go to the service’s home page and click on the GENERATE YOUR POLICY button to the top right of the page. On the next window, enter your website’s URL and click the blue button:
The service will ask you to register a free account or log in using Facebook. Either way, when you’re in, you’ll see an option to add any services your website uses to your privacy policy:
Clicking on the button will show you a list of clauses you can add:
As you include more services, they’ll be added to your privacy policy automatically. You can preview it at any time by clicking on the Preview widget to the right of your dashboard:
When you’re done adding services, click on the Next button at the bottom of the page. You’ll now need to enter your company’s name and address, then click on Next again:
On the final screen, you’ll find options to embed your policy into your website:
That’s it! If you’ve included all aspect of how you collect data, your privacy policy will be good to go. Do remember to give it a full read before publishing it, though!
Conclusion
Website privacy policies don’t get the spotlight they deserve. However, they’re essential elements of any website that takes data protection regulations seriously. On top of enabling you to keep your operations above board, privacy policies also outline how your site handles personal information, which should help put visitors’ minds at ease.
If you don’t know where to start when it comes to creating a website privacy policy, here are three online generators that are easy to use and feature-packed:
- iubenda: A module-based privacy policy generator that supports dozens of third-party services.
- TermsFeed: This simple service enables you to create a basic policy through a questionnaire.
- Shopify’s Privacy Policy Generator: This generator is tailor-made for Shopify stores.
If you still need help, then feel free to contact me.
by Russ Michaels | Feb 20, 2018 | Security
How often do you use public WiFi? Are you aware of the dangers of using public WifI? Do you know how to protect yourself from harm? These are some of the questions that I will answer in this post, so if you or your kids are not currently securing your mobile devices, keep reading.
The Dangers Of Using Public WiFi
Everyone has several points during their day when they find themselves somewhere in public, and they just happen to catch a break. In those times, most people will simply take out their phone and check their favourite social network, email, and similar things.
However, to do so, they need an internet connection, and if they do not have a mobile signal then they will next try to scan the area for public WiFi. Some people even have their devices set to connect to any public WiFu automatically. If you do that, you might think that you are lucky having free internet access. However, you might just be about to enter a hacker’s trap.
Any free public WiFi that you find could actually be a trap set by hackers, but even if it is legit, with such poor protection there’s pretty much no difference. We understand that sometimes you don’t have the time or patience to think about this sort of thing. You might be in a hurry, or maybe you are waiting for an important email, or message.
Even if you use it for a little bit, your phone, tablet, or laptop can still get compromised.
So in this article, I am going to mention some of the most common and dangerous threats that you may come across when using public WiFi. And also some of the methods that you can use to protect yourself from them.
Snooping
Snooping is possible when you use any WiFi network that doesn’t have encryption, and most public WiFi networks don’t, which makes them different from your home network. When you use your private WiFi network at home, it has password protection, as well as encryption (or at least it should).
Public WiFi networks are different, and many don’t even have password protection at all, so as to easily make them available to anyone. Such as tourists and guests of hotels, restaurants, and alike. However, this also makes them vulnerable, as well as convenient.
When you use a network with encryption, your online actions are hidden from others. If you use one without protection, then everything you do is out in the open for everyone else to see. And if you use such networks to connect to your bank or social network, you will make your privacy available to others.
It is basically like sitting in an office with glass walls, everything you do is visible and nothing is private.
If you use public WiFi to connect to your bank, social network or anything else, you will make your privacy available to others
Compromised Devices
When you are using your laptop or some other device in public, and you connect to an open WiFi, make sure to mark it as a public network. If you do so, the device that you are using will lock down the connection. If you fail to do so, your device will treat it as a safe connection, which might lead to exposure.
In case that someone hacks your device, they might get access to all of your private content and info. That includes pictures, potential credentials, business documents, and everything else that you have.
Malicious WiFi Hotspots
The most dangerous thing that can happen to you is to connect to a fake public network.
They will often have a name like “Free WiFi“, or “Public Network“, or something like that. These are networks that hackers themselves set up, and then leave open, and without protection.
They do so in hope that someone would connect without realizing the danger, and most people will do just that. Not everyone knows about this method, and in fact, the majority doesn’t have a clue that this can even happen to them.
Several public WiFi Hotspots are set in place by hackers and left open to steal your online credentials, your business documents, contacts list, messages, emails, and everything else
But, when they do connect to one such network, hackers will see everything that they do.
This is how they steal your online credentials, your business documents, contacts list, messages, emails, and everything else.
They can later use this info to break into your bank account, steal your identity, hijack your social networks, and generally ruin your life for their own gain, or simply for their amusement.
Malware
Getting malware on your device via WiFi hotspot that hacker controls is much simpler for them, and much more dangerous for you. Hackers can use malware for many things. Some of them might only steal your files, photos, and similar data.
There is always a worse option, which is when malware actually downloads even more malware. Eventually, the hacker might get complete control over your entire device. If that happens, there is no limit to what they can do, from locking down your phone, to making it a part of a botnet.
WiFi Sniffing
This method is pretty simple when it comes to its concept. Basically, hackers will monitor network traffic and record big swathes of data that passes through. They can inspect this data later, and try to find some useful information.
This method can lead to discovering someone’s credentials, and other personal information. The consequences are many, and they might steal your money, your identity, or blackmail you if they find some secret.
And the worst part is the fact that sniffing through packets of data is not even illegal most of the time. It depends on the country’s laws, but not many choose to bother about things like this, that only affect several people at once.
Doing these things is actually very easy. Most people imagine that you need a lot of technical knowledge, or maybe some expensive equipment to do so. The truth is that almost anyone can do these things with an app or two, or some program of a higher quality.
The real technical knowledge is pretty much not even needed, and most instructions on how to do these things can be found pretty easily online.
You should have in mind that all of these dangers are a real threat, whether you are in your hometown, or in a foreign country.
Free WiFi can be a real danger whether you are in your hometown, or in a foreign country
How To Protect Yourself From WiFi Dangers
Now that you know what threats are out there, you should also learn how to recognize the danger.
Also, once you do recognize it, how to protect yourself. Some of these methods are something that you will just have to remember, and others will do most of the job by themselves.
Your job is to try to remember as much as you can, and when you can, you should avoid public WiFi. It might not be as convenient, but it is always recommended to wait until you get home. Now, let’s see what the methods of protection are.
Double-Check The Network Before Using It
False assumptions are what leads to most of this kind of problems. In short, you shouldn’t assume that a WiFi network is legitimate just because it says so. You shouldn’t really use any unknown WiFi since you don’t know who it belongs to.
It might belong to a restaurant, coffee shop, or a nearby hotel, or it might belong to someone fishing for easy targets.
Stick With HTTPS
Google Chrome lets you know when the site you’re visiting uses an unencrypted HTTP connection rather than an encrypted HTTPS encryption by labeling the former “Not Secure.” Heed that warning, especially on public Wi-Fi.
When you browse over HTTPS, people on the same Wi-Fi network as you can’t snoop on the data that travels between you and the server of the website you’re connecting to. But Over HTTP? It’s relatively easy for them to watch what you’re doing.
Thankfully all major sites are using HTTPS now, meaning that data is encrypted, but a lot of smaller sites are still using HTTPS and apps on your mobile device also may not be using a secure connection to connect to servers.
Update Your Software And Antivirus
Your OS will get updates on a regular basis, which goes the same for all legitimate apps on your phone or tablet. Installing these updates might be boring and annoying, but it is one of the best ways for you to stay safe.
New vulnerabilities are always being found and patched. If you have a system that did not patch old vulnerabilities, hackers might still bypass your protections. Most of these updates will install themselves automatically, only if you allow that in your settings.
And the same goes for your antivirus, that won’t help much if you connect to a network that hacker controls. However, it will help a lot if they try to send you a malware. That is why you need to keep it fresh and operational.
Forget A Hotspot When You Leave
If you have no choice and it is an emergency, you will simply have to connect to a hotspot and do what you need to do. However, we recommend doing what you must as quickly as possible. And after you finish, forget the hotspot immediately.
You don’t want to risk your phone remembering it and reconnecting automatically every time when you get close to that hotspot. That way, you might allow someone access without even knowing that you are in danger.
Having your phones remember WiFi that you use is practical and convenient, but also very dangerous. This is a danger that you must not overlook, otherwise, trouble is sure to follow.
Use A VPN
Finally, the best thing that you can do to protect yourself is to use a VPN. Using them is cheap, it is easy, and they will follow you always, and protect you no matter where you are. Even if you connect to a public WiFi.
VPN stands for Virtual Private Networks, and their main purpose is to help you stay safe online. They have multiple methods of doing so, which all add up to one big protective app that you can download on any device.
Depending on a VPN, there are different features that you can use to enhance your protection.
However, three main features are what they all have in common;
- First of them are security protocols. In order to keep your data safe, VPN can create a protective tunnel around your data flow. Your data goes through this tunnel, and while it is inside, nobody can use it, see it, or record it. With this method, your online actions are safe and under strong protection.
- The tunnels are not perfect, and there might be a leak. Still, there is nothing to worry about, because VPN’s also encrypt your data, just in case something like this happens. They use strong encryption that will keep everything you do protect. Even if someone somehow manages to get through your tunnel’s protection, they won’t know what they are seeing. And these protections are so strong, that some of them have never been breached before.
- Finally, they offer large server networks that can change your IP address. Thanks to this, nobody will connect you to your online actions, since they will go to another IP address, while you will remain completely safe and anonymous.
As mentioned, VPN’s offer a lot of extra features. Some of them serve as an enhancement to the existing methods of protection. Such as DNS leak protection, that will make sure that your tunnel has an extra layer.
Others will make sure that your protection will remain even if something disturbs the connection. This is what kill switches do.
All in all, whatever features they offer, the best VPN’s will protect you as best as they can. They will do it by blocking out hackers, stopping malware, and even by blocking ads.
To buy a VPN service is economical. You can subscribe to one of the best VPN starting from as little as £2.45 per month. Considering that your privacy and safety is at stake, it is well worth to give it a thought.
You can also use a VPN router, here is a guide to buying the best VPN router.
One thing to be aware of, many people believe that using a VPN hides your online activity and makes you completely anonymous, this is not true. Your online activity is tracked by more than just your IP address. Your apps on your mobile devices and the cookies in your browsers are sending information about your activity all the time, allowing advertisers to track you around the internet.
Which VPN To Choose?
Because of their sudden popularity which keeps on increasing, there are now hundreds and hundreds of different providers. Choosing one is hard enough, but choosing a good one can be even worse.
Here are some of the most popular VPN providers. I personally use Tunnel Bear right now, and each account allows up to 5 devices to be connected. So depending on the size of your family, then a single account could be used for your entire family’s smartphones.
According to sources, all of these are strong, fast, cheap, and they will give you the best protection that you can find, at the time of writing anyway.
Conclusion
Using public WiFi hotspots can be risky without a VPN, but you sometimes can’t help it. It is understandable, but you should still try to avoid doing it when possible unless you have a VPN to protect you.
However, when you find yourself in a situation that you have to use one, try to remember what you should and shouldn’t do. Do not log into social networks, emails, and especially don’t connect to your bank account. Also, try not to pick something that looks like it is offering itself too strongly.
And of course, subscribe to a VPN, and always have it on your devices. Many VPNs allow multiple connections at once, which means that with one subscription, you can protect 3-5 of your devices at the same time.
So remember these things next time when you choose to connect to a public WiFi hotspot and try to stay safe.
Recent Comments