(720) 248-8252 [email protected]

Privacy Policy Drafting and Review

Work with an Experienced Attorney that Knows IT
Schedule ConsultationCall (720) 248-8252
Attorney Chris Maes

"I'm an Attorney and a Certified IT Engineer."

– Chris Maes

The Cyber Law Office of Maes, Ltd. offers businesses in the Greater Denver Area legal services for Privacy Policy Drafting and Review.  With increasingly stringent data privacy law requirements, updated and accurate privacy policies have become a necessity for businesses of all sizes.  Thus, whether your business is seeking a review of an existing privacy policy, or wants to start from scratch, Maes, Ltd. has you covered.

 

The unfortunate reality for most businesses is that very little care and attention is put into the development of privacy policies.  Some businesses simply copy and paste another business’ privacy policy onto their website, or worse, have no privacy policy at all.  Since the goal of every for-profit business is to generate revenue, it is understandable why many businesses do not spend much time, if any, on having this important legal document properly drafted.  As it will be explained, the decision to ignore or neglect your business’ privacy policy is a big mistake.

First, and most importantly, you may have a legal duty to provide your customers with a comprehensive privacy policy for your website and / or applications.  For example, if your business collects the personally identifiable information (PII) of residents in states like California, or international locations like the European Union, your privacy policy may be required to address the following topics:

  • What data is being collected from your customers?
  • Why this data is being collected?
  • How can your customers access the data collected about them?
  • How can this data be destroyed at the request of your customers?
  • Is customer data shared or sold to third parties?
  • Before data is collected, does a customer have to “opt-in”?
  • How does a customer “opt-out” if they no longer want their data collected?
  • Are security measures like data anonymization and encryption being utilized to protect customer data?

Failure to address these types of issues in the privacy policy, among others, could result in crippling fines.

Second, many of the companies businesses rely upon to generate revenue require privacy policies.  For example, if you use Google Analytics on your website, you are contractually required to have a privacy policy that documents how you are collecting customer data using Google’s tools.  Moreover, if you develop applications on Facebook, Facebook also requires that you have a robust privacy policy if you want to leverage their platform. Hence, if you want to legitimately leverage services from some of the world’s biggest technology providers, your business needs a conforming privacy policy.

Finally, for businesses that make the mistake of copying another business’ privacy policy and using it as their own, they could run afoul of the Federal Trade Commission (FTC) Truth in Advertising requirements.  For example, if a business is being run from a home office on a DSL modem with no firewall and the business’ privacy policy states that the business follows the National Institute of Standards and Technology (NIST) cybersecurity framework for critical infrastructure, that would be a misleading statement.  If the misleading privacy policy were to give customers a false sense of security by utilizing the business’ services, the FTC could pursue a federal lawsuit against the business. 

In summary, ignoring or neglecting your business’ website and / or application privacy policy is a big mistake that could have costly ramifications.

Retain Maes, Ltd. for your Business’ Privacy Policy Drafting and Review Needs

Attorney Chris Maes offers businesses the option to have an existing privacy policy reviewed to ensure it complies with existing legal mandates, or the option to draft an entirely new one.  Even though the legal consequences of not taking privacy policies seriously can be severe, it is not difficult to achieve compliance.

Conveniently, Attorney Chris Maes is also a Certified IT Engineer.  He possesses certifications that demonstrate mastery of cybersecurity, cloud computing, and networking technologies.  This expertise is useful because in addition to achieving privacy policy compliance, businesses that leverage Chris’ legal services can also gain a better understanding of the following:

  • What data needs to be collected for business operations?
  • What data is nice to have, but not necessary for business operations?
  • How long should data be retained before being destroyed?
  • How should the data be destroyed to ensure it is irretrievable?
  • Where is customer data stored and how is it accessed?
  • Is the customer data secure while in transit and at rest?
  • If the business is not following a cybersecurity framework, should it be?

As these questions demonstrate, privacy policies can be useful instruments for internal business operations as well.

In conclusion, if your business is in the Greater Denver Area and you are seeking a legal review of an existing privacy policy, or you want to create an entirely new one, contact the Cyber Law Office of Maes, Ltd.  You can schedule a consultation today by calling (720) 248-8252 or by using the form below.

Schedule Your Cyber Law Consultation Today

Be advised that submitting this contact form to Maes, Ltd. does not create an attorney-client relationship. Also, please do not share confidential, private, or time-sensitive information via this contact form either. Without a written engagement letter, there is no legal duty for Maes, Ltd. to act upon the information shared, or keep it confidential. For a more detailed explanation, please review Maes, Ltd.’s Privacy Policy and Legal Disclaimer web pages, which can be accessed using the hyperlinks at the bottom of this page.

8 + 8 =