This post mainly answers the question why you need to include a privacy policy on your website when you use KISSmetrics and how you can craft one using iubenda (or writing a privacy policy for use with KISSmetrics yourself) .
- If you are additionally using Google Analytics, then check out this privacy policy guide for Google Analytics
- If you want to skip all that and just use our generator to help you make a privacy policy for your website and KISSmetrics then follow me
Let’s assume you have a website, you run KISSmetrics on it and you are thinking about including a privacy policy. What gives?
Quick Start Guide
- Sign up/Sign in and choose our clause called “KISSmetrics”;
- Generate the self-updating privacy policy with a few clicks;
- Add the privacy policy to your site by embedding or linking to it;
1) Do I have to include a privacy policy when I use KISSmetrics?
There are two sides to this question from a legal perspective. But actually only one answer: YES.
- There is the legal side of it: Depending on where you are you may fall under European, American (Californian) or Australian privacy laws. The list could go on since most countries have some sort of privacy regulations that extend onto the web – and hefty penalties for non-compliance.
- For analytics services in general: analytical services collect some sort of personally identifiable information as a rule of thumb, which is why you have to disclose this fact to people via something like a privacy policy: More information about the legal framework can be found here.
- There is the company policy side to it as well: Does Space Pencil, Inc., aka KISSmetrics require me in their terms to have a privacy policy when I use their service? See the answer in the next paragraph (2).
2) Am I required by KISSmetrics to post a privacy policy?
Yes. KISSmetrics requires their users to use a privacy policy. When you sign up for their service you consent to their terms that state the following regarding privacy policy:
By using the KISSmetrics Script implementing the use of such cookies, you represent and warrant that: (i) you will comply with all applicable laws relating to the placement of such cookies on Visitors’ computers; (ii) you have posted (or you will post) a privacy policy on each website on which you use the Service, which clearly and conspicuously discloses the use of such cookies and (iii) you have obtained all required consents and authorizations from your website Visitors relating to the use of such cookies.
And…
iii. you have posted (or you will post) a privacy policy on each website on which you use the Service, which contains a link to KISSmetrics’ Privacy Policy and clearly and conspicuously states that:
a) you use third-party service providers to provide certain analytics services to you in connection with your operation of such website, including the collection and tracking of certain data and information regarding the characteristics and activities of visitors to such website;
b) Visitors may opt-out of this analytics service by using KISSmetrics’ Opt-Out Feature;
c) you may disclose Visitor data, including Personally Identifiable Information, to certain such third-party services providers to obtain such services.
The most important parts in these terms regarding the privacy policy are:” (…) you have posted (or you will post) a privacy policy (…)“.
3) How do I add a privacy policy?
Usually, to make a privacy policy legally effective and compliant, it has to be easily found. A best practice is to link to your privacy policy from your footer where your users or visitors can find it at any given time. It should also not be modified to look like you want to hide it (smaller type, light colors that make it literally indistinguishable from the background).
4) An example privacy policy for KISSmetrics?
A lot of people ask for sample privacy policies for their websites & KISSmetrics. In reality those samples don’t do anyone much good because they’re far too generic. Let’s start with an enumeration of what needs to go into a privacy policy. Most countries’ privacy laws require you to include the following information:
– What kind of personal data is collected
– Describe how this information will be used by the company.
– Describe how this information will be transferred to third party companies.
– Provide instructions on how users can modify or delete their personal information.
– Provide instructions on how users can opt-out of future communications.
– Identify its effective date and outline how you notify people of material changes to your privacy policy.
Ideally you would tell the users what the service does in general and how you are using it.
What do I do now?
You can either hire a lawyer, write your own policy or use iubenda’s generator right away to make your policy. The KISSmetrics clause falls under our free limits.
Our Approach of Generating a KISSmetrics Privacy Policy
So here’s where iubenda’s privacy policy generator will come in very handy:
- Define the services and categories of data collection your app/site is making use of.
- Add the services (and categories of data collection like “have a contact form”) you are using to your policy. iubenda now takes care of your policy and generates it for you.
- You can either link to your policy or embed the text into your app/site.