Updated: Feb 11
Do you sell a product or service that’s exclusively made in your state, from a store or computer in your state, ONLY to people that live in your state and plan on staying that way forever?
Probably not. With nothing more than a TikTok account and a Square login, it's just as easy for a small business in Richmond, Virginia (VA) to sell courses or memberships all over the world as it is for a Virginia Beach photographer to take family portraits at Sandbridge (as long as everyone stays off the dunes, of course).
So, let's talk about keeping your business in line with the law and avoiding fines and courtrooms. Updated on Feb 11, 2022
Privacy Laws aren't just the GDPR
In the past few years, a few of the world’s biggest economies, think Europe, the UK, Canada, Australia, California, and Nevada (huge number of online businesses registered there!), decided that their residents deserve to know what information companies have on them. It’s a trend that is only going to continue.
Here’s where you say ‘But wait, I don’t operate in California or Europe!’
Remember that old school house rock song about how a bill becomes a law?
So, every state except Hawaii and Florida has had a privacy bill progress to at least the committee stage and these bills are going to keep popping up until they are passed.
Plus, can you really guarantee that you won't have a single website visitor from any of those places?
And you can bet your bottom dollar that states getting their own privacy laws will only push the federal government to make a law for every American based business soon. You can also bet these laws will only get more complex since data privacy isn’t going anywhere.
So now you say “I’ll never have tens of thousands of people visiting my website.”
Even if you are 100% local or aren’t processing 100,000 folks data yet, this is coming. BTW 100,000 people is less than 300 website visitors a day. That's not terribly high in the grand scheme of things. Plus your city or county can make a local law about this too. You can’t avoid it, so why risk your business over something so easily fixable?
Asking folks for their email address
Email addresses are as important as home addresses or phone numbers to any small business. Because of that, governments started protecting email addresses just like any other personal information.
Business coaches seem to be screaming about the importance of collecting emails to sell.
You send your invoices and contracts to your clients by email. (if you don't, we gotta have a chat about why e-signatures and e-payments are gonna save you a TON of time.)
Whether you are building an email list of folks ready to buy, keeping track of who joins your VIP facebook group, or creating a lookalike audience for your newest ad based on this group of emails that you have a great conversion rate from before, you’re getting emails.
* any ‘standard’ contact info like full name, phone number count towards this too.
Use analytics of any kind on your website
Google Analytics and a Facebook pixel are the most common culprits here. These tools help you understand your customers but you have to tell site visitors what you're going to do with it .
Google’s own terms actually require you to tell folks you are using analytics, even if your state doesn't. Do you really want to piss off Google?
Have a single website visitor, customer, or potential client from Europe or California
I told you, these countries aren’t playing. And you know how you know if you have visitors from these countries? You have Google Analytics installed!
Selling folks data
In general, I don't think its a smart thing for small businesses to do, but if you need to sell your email list, you gotta tell folks.
Having ads on your blog or website
Monetizing your blog is no joke. It can bring you in some real money, but you gotta tell folks you’re doing that.
but it is one of those easily check-off-able things that can let you worry just a little less as you continue to grow your business.
Have you updated it in the past 2 years?
Does it match the software and processes you are using today?
Are you rethinking your policy on privacy policies?
**Disclaimer: This is only general information, not legal advice specific to your situation, and does not create a client-attorney relationship between you and Samantha Bradshaw, a Virginia licensed small business lawyer, or InLine Legal, a 100% virtual law firm. If you need legal advice, please contact a lawyer in your area.