« go to the main website

iubenda blog

iubenda's blog, privacy policy generator for websites and apps

Posted on by Simon Schmid


Twitter's lead generation cards are a very interesting way of collecting email addresses/users. One thing Twitter wants you to do however before you're good to go, is to provide a privacy policy. 

Well of course that's an annoying additional requirement I bet you were not thinking about before. That's where (obviously) iubenda comes in handy. Iubenda can craft that much needed privacy policy for your Twitter Lead Generation cards.

Twitter Lead Generation cards privacy policy requirement

Since you are collecting email addresses and names for a certain goal Twitter requires you to provide a privacy policy. When you find the card creation interface in Twitter's ads section, you'll click on the Lead Generation radio button.

twitter_cards_privacy_policy

 

Next, you will fill all the details needed for the lead generation until you'll see a form labeled "Privacy policy URL" and small copy saying "Your privacy policy must explain how user data is being used."

twitter_cards_privacy_policy2

The question mark reveals more: You must provide a link to your privacy policy on your site in order to use the Lead Generation card.

Iubenda helps a great deal with this. By signing up and telling us what the data is exactly that your site collects, your privacy policy comes out generated on the other side. Then the privacy policy can be embedded onto your site or you can just use the direct link provided as well.

Generate a privacy policy for your Twitter Lead Generation card now

About the implementation of the privacy policy link

Then, when you're done with creating your card, you'll see how it looks:

twitter_cards_privacy_policy3

The privacy policy will be displayed right there on the card. What Twitter also tells you is to link to a privacy policy that originates on your site. 

If you therefore implement the privacy policy onto your site, make sure to include it in the footer because that's where people look first and data protection authorities want it.

Now that you've mastered the part of the privacy policy, take a look what other people can teach you about the lead generation cards:

  • How to Generate Twitter Leads With Their New Lead Generation Cards - Social Media Examiner
  • Twitter Introduces Lead Generation 'Cards' to Collect Leads From Tweets - Hubspot
  • Connect Twitter Lead Generation Cards to Campaign Monitor - Campaign Monitor

Posted on by Simon Schmid | Posted in Category


Leave a comment

Posted on by Simon Schmid


We have added 7 new services for inclusion with your privacy policy. They're services from across the SaaS spectrum, therefore let's look at each of them:

Now go and make something great with the time you've saved yourself by not making a privacy policy from scratch. 

Posted on by Simon Schmid | Posted in Category


Leave a comment

Posted on by Simon Schmid


iOS 8 is around the corner (fall release) and with each major release there are implications for the developers as well. With the release of iOS 8 these implications are also to be felt in the realm of privacy.

Apple has in fact put quite some emphasis on privacy in its next OS that Apple engineers have produced some guidelines called User Privacy on iOS and OS X and blog posts started to surface covering the topic.

iOS 7's main changes were a required privacy policy for apps for children, iOS 8 has more of it:

Now, in addition to apps for children, you're required to submit a privacy policy along with your app if you

  • Apps that link against HealthKit
  • Apps that link against HomeKit
  • Third party keyboards
  • Kids

Here's a screenshot from the guidance for iOS 8 and OS X privacy that says it all: important for all apps to have one [privacy policy], required for some app categories.

privacy_policy_ios8

If you want to know more about the topic, why don't you read how to make a privacy policy for an iOS app.

 

 

Posted on by Simon Schmid | Posted in Category


Leave a comment

Posted on by Simon Schmid


The other day we've announced the integrations with some popular file hosters Inkfilepicker, Transloadit and Heroku. This is the integration announcement for a very similar set of services that perform backups of your data. In this category we've had VaultPress before and we are now adding Amazon's Glacier, Dropbox and Google Drive.

This means you can now easily browse the collection of services/clauses within iubenda and find these backup based services to your privacy policies.

privacy_policy_for_backup_services 

What is Amazon Glacier?

Amazon Glacier is an extremely low-cost storage service that provides secure and durable storage for data archiving and backup. In order to keep costs low, Amazon Glacier is optimized for data that is infrequently accessed and for which retrieval times of several hours are suitable.

Generate Privacy Policy for AWS Glacier

 

What is Dropbox?

Dropbox is a folder on your computer that additionally syncs all of that data with your Dropbox account on the web. Some people choose to use Dropbox as a backup or hosting service for data.

Generate Privacy Policy for Dropbox

 

What is Google Drive?

Similar to Dropbox, Google Drive can hold any local data or data from a website as a backup solution.

Generate Privacy Policy for Google Drive

 

Why include a privacy policy for Amazon Glacier, Dropbox and Google Drive?

File hosting and backup services host your data externally on their servers which also means that the personal data you've collected about your users or visitors is hosted elsewhere. Laws require that you make this known to your users via a privacy notice.

Sometimes companies even require you within their terms to use a privacy policy to make exactly that fact know.

By using iubenda for your app this becomes as easy as choosing the hosting clauses and adding it to your privacy policy. Let us help you with it.

Posted on by Simon Schmid | Posted in Category


Leave a comment

Posted on by Simon Schmid


A little while ago we've announced the integration of the image processing service Cloudinary into the privacy policy generator. Now I'd like to announce further integrations with Inkfilepicker, Transloadit and Heroku.

This means you can now easily browse the collection of services/clauses within iubenda and find these hosting based services to your privacy policies.

hosting_services_privacy_policy 

What is Filepicker.io?

Filepicker lets you "Connect, Store, and Process any file from anywhere on the Internet". It's a very simple way of taking care of your file hosting needs. Files are handled and moved to an Amazon S3 bucket, Rackspace cloud files, Azure blob storage, or Dropbox for you.

Generate Privacy Policy for Filepicker

 

What is Transloadit?

Transloadit handles file uploading & file processing for your websites and mobile apps. They'll process video, audio, images and documents. Basically they'll deal with progress bars, encoding tools and scaling machines for you.

Generate Privacy Policy for Transloadit

 

What is Heroku?

Heroku is a hosting service that deals with the infrastructure for you, letting you concentrate on building the actual app. Whoever builds websites is most, most likely very familiar with what Heroku does and helps you with.

Generate Privacy Policy for Heroku

 

Why include a privacy policy for Filepicker, Transloadit and Heroku?

File hosting and hosting services help you run an app and as such may get access to personal information about your users (both you and the hosting companies  may get access and store personal information). Laws require that you make this known to your users via a privacy notice.

Sometimes companies even require you within their terms to use a privacy policy to make exactly that fact know. Heroku is doing exactly that in their terms:

3.3 You agree that you will protect the privacy and legal rights of the End Users of your application. You must provide legally adequate privacy notice and protection for End Users. If End Users provide you with user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your application and to Heroku.

By using iubenda for your app this becomes as easy as choosing the hosting clauses and adding it to your privacy policy. Let us help you with it.

Posted on by Simon Schmid | Posted in Announcements


Leave a comment

Posted on by Simon Schmid


canada_spam_legislation

Canada's anti spam legislation is going into effect tomorrow, July 1st (with a 3-year transition period attached to it).

This change in Canadian spam rules (the regulation itself is called Canadian Anti-Spam Legislation, CASL) is not directly related to our service, the generation of privacy policies. But it does not hurt to know more about the topic. Emailing is a privacy related topic, therefore make sure you educate yourself about it. Spam is a very serious problem and privacy authorities have powerful tools to hurt organisations that go against their provisions. 

When does the CASL apply to you?

The CASL is relevant to you and your situation when you have Canadian users on your emailing lists. 

What's the most important information regarding CASL?

You should probably start using permission based email-marketing. That means you have express consent by the people on your list. It's the easiest way to make sure everything is going down smoothly.

There are three general requirements for sending a commercial electronic message (CEM) to an electronic address. You need (1) consent, (2) identification information and (3) an unsubscribe mechanism. The questions under this heading relate to the second requirement – identification information.

To find out what that means consult the FAQ.

More basic information about the CASL?

The CASL is enforced by three agencies. They are the CRTC, the Competition Bureau, and the Office of the Privacy Commissioner. The CRTC is providing a lot of guidance to some of which I'll be linking right below in the informational green box.

That's it. If you are using Mailchimp for your newsletter/emailing needs then you may consult their blog post regarding CASL here.

Posted on by Simon Schmid | Posted in Category


Leave a comment