support home

Back to website
Login  Sign up

Legal responsibility

Hi again Helen, You are right, you as a site developer are in a very good position to set up the privacy policy for your clients. However, in the end you are not the site's data controller and however much you help your customers setting up their privacy notice, they as the data processor still need to double-check whether this actually reflects their data collection practices. This is a contractual issue in between the developer and the site owner. I suggest you take this into general contract, that setting up iubenda is part of the service, but that you can only recommend certain settings based on what you see and which services are used on the site. Ultimately the data collection practices are a responsibility of the site owner and he has to go through them to make sure they're right. Let me know your thoughts on this.
  • Hi Simon, I did have Privacy Policy included in the old contracts but never thought it that far out to the "what ifs". My clients are very good at what they do and not with Websites so they leave it in my hands. So now I have indeed prepared a separate contract for the Privacy Policy that they must review and sign-off whenever any major changes are made. But I see it as a formality at best, kind of like agreeing to a EULA. I guess then it falls into that "trust" area. My clients and I need to have a trusting relationship or there can be no relationship. But legally we all must be covered. In reality, we all doubt that anyone will really come after us about any of this (unless it becomes like the illegal download/music file piracy escapades of the college student) unless we were a huge company with big money. But I always feel that you should run your business just as if it were a big company with all the professionalism and licenses required. Otherwise, it's just a hobby. Helen
  • Hi Helen, I agree with everything you've said here. The fact remains however, that a site owner should be aware of the data he processes and ultimately is responsible for it. I think that should be understood by every site owner, even if they don't understand much of the powering technology stacks. :) Simon
  • Thank you Simon. It is always good to discuss this with someone in the business. :D
  • Hi, I am a firm believer in Privacy Policies, so much so that I include them in the development of all my clients' sites. Thus starts the legal responsibility pondering. My clients are responsible for all their own content; intellectual property rules, appropriate use rules, etc. My clients and I indemnify the other for legal reasons. Then enters the Privacy Policy. This is for the site owned by my client and the site visitors. My clients cannot begin to know what to include so this would best be created by the developer, in this case me. And then it is crafted by Iubenda and their legal team and hosted by Iubenda. Iubenda is protected by this part of the Privacy Policy: "Information about this privacy policy The Data Controller is responsible for this privacy policy, prepared starting from the modules provided by Iubenda and hosted on Iubenda's servers." Do you think the Privacy Policy is also the place to state exclusion of responsibility of the Website Developer and/or the Website host? Thanks, Helen
Login or Signup to post a comment