This post mainly answers the question how and why you have to include a privacy policy on your website when you use Campaign Monitor as a service for your newsletter.
- If you want to skip all that and just use our generator to help you make a privacy policy for your website and Campaign Monitor then follow me
- Btw. did you know Google Analytics requires you to have a privacy policy on your site?
Let’s assume you have a website, a contact/subscribe form and you use Campaign Monitor to regularly send out mailings to people you want to reach. You do that via an email newsletter (powered by CampaignMonitor) and you’re thinking about a privacy policy. What do you have to do?
1) Do I have to include a privacy policy when I use Campaign Monitor?
There are two sides to this question from a legal perspective. But actually only one answer: YES.
- There is the legal side of it: Depending on where you are you may fall under European including UK, American (Californian) or Australian privacy laws. The list could go on since most countries have some sort of privacy regulations that extend onto the web – and hefty penalties for non-compliance.
- For newsletter/mailing services in general: newsletter services are sending out emails on your behalf to a list of real people that you are collecting via a newsletter subscribe form on your website, which is why you have to disclose this fact to people via something like a privacy policy: More information about the legal framework can be found here.
- There is the company policy side to it as well: Does Campaign Monitor require me in their terms to have a privacy policy when I use their service? See the answer in the next paragraph (2).
2) Am I required by CampaignMonitor to post a privacy policy for my newsletter?
Yes. Campaign Monitor requires of you as a user to adopt and maintain a policy that complies with all applicable privacy laws (…):
You will adopt and maintain a policy that complies with all applicable privacy laws and which is at least as stringent as our Privacy Policy (as modified by Campaign Monitor from time to time). You acknowledge that all personal information that you provide to us has been collected with the relevant individual’s consent, and that you have informed the individual of the purpose for which that information was collected, and that you may provide this information to us for the purposes of use in relation to the Services. You acknowledge that we may store the personal information that you provide to us on servers located in the United States of America, and you warrant that you have obtained the consent of the relevant individuals to the storage and transmission of their personal information in this manner.
Therefore the most important part in this context is the following: “maintain a policy that complies with all applicable privacy laws and which is at least as stringent as our Privacy Policy”.
Don’t forget that you need the individual’s consent or you make yourself liable to anti-spam laws.
3) How do I add a privacy policy?
Usually, to make a privacy policy legally effective and compliant, it has to be easily found. A best practice is to link to your privacy policy from your footer where your users or visitors can find it at any given time. It should also not be modified to look like you want to hide it (smaller type, light colors that make it literally indistinguishable from the background).
4) An example privacy policy for Campaign Monitor?
A lot of people ask for sample privacy policies for their websites & Campaign Monitor. In reality those samples don’t do anyone much good because they’re far too generic. Let’s start with an enumeration of what needs to go into a privacy policy. Most countries’ privacy laws require you to include the following information:
– What kind of personal data is collected
– Describe how this information will be used by the company.
– Describe how this information will be transferred to third party companies.
– Provide instructions on how users can modify or delete their personal information.
– Provide instructions on how users can opt-out of future communications.
– Identify its effective date and outline how you notify people of material changes to your privacy policy.
Here is a sample privacy policy clause for Campaign Monitor newsletters:
Campaign Monitor is an email address management and message sending service provided by Freshview Pty Ltd.
Personal Data collected: Email. Place of processing: USA – Find their Privacy Policy.
—
Ideally you would tell the users what the service does in general and how you are using it.
Anything else?
Yes, when sending out email newsletters you must honor anti-spam regulation such as the CAN-SPAM act.
What do I do now?
You can either hire a lawyer, write your own complete policy or use iubenda’s generator right away to make your policy for you. The Campaign Monitor clause falls under our free limits.
Our Approach of Generating a Campaign Monitor Privacy Policy
So here’s where iubenda’s privacy policy generator will come in very handy:
- Define the services and categories of data collection your site/app is making use of.
- Add the services (and categories of data collection like “Mailing List or Newsletter”) you are using to your policy. iubenda now takes care of your policy and generates it for you.
- You can either link to your policy or embed the text into your site/app.
