Personal Website Privacy Notice
Does your personal website/blog need a Privacy Notice?
I recently realized this personal website did not have a Privacy Notice, even though personal data is being collected here. Was it a problem? Using the word “need” makes most people think about some external factor, such as a law or regulation. Businesses in almost all parts of the world are now concerned with data protection and privacy laws and regulations. Those businesses that are not should be. What about personal websites and blogs? Does your website or blog need a Privacy Notice?
Let me take GDPR as an example: In its article 2, Material Scope, it says:
- This Regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system.
- This Regulation does not apply to the processing of personal data:
(a) in the course of an activity which falls outside the scope of Union law;
(b) by the Member States when carrying out activities which fall within the scope of Chapter 2 of Title V of the TEU;
(c) by a natural person in the course of a purely personal or household activity;
(d) by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security.
- For the processing of personal data by the Union institutions, bodies, offices and agencies, Regulation (EC) No 45/2001 applies. Regulation (EC) No 45/2001 and other Union legal acts applicable to such processing of personal data shall be adapted to the principles and rules of this Regulation in accordance with Article 98.
- This Regulation shall be without prejudice to the application of Directive 2000/31/EC, in particular of the liability rules of intermediary service providers in Articles 12 to 15 of that Directive.
Even though you may not be required to have a privacy notice, you know (or should know) what kind of data you process. Why not share that with your visitors?!