The Data Protection Act (DPA) 2018 is the UK’s updated data protection law which became effective on 25th May 2018 and was recently amended on the 1st January 2021 to reflect the United Kingdom’s exit from the EU. It sits alongside the UK GDPR and replaces the Data Protection Act 1998. The United Kingdom is […]
Let’s take a closer look at the differences between & the purpose of both agreements.
On this page
The Key Differences
|Legally required as soon as you collect any personal data||Not legally required but does help limit legal liability|
|Protects your users||Protects your business, limits liability|
|outlines your collection, use and storage of personal data||set of rules and guidelines for your website|
|Data collection||Users rights and responsibilities|
|Personal data||Refund policy|
|Non-Personal data||Governing law|
|Sharing your data||Limitations of liability|
|Retaining and deleting personal data||DMCA notices|
|Users Data Protection||Dispute resolution and arbitration|
|International Transfer||Minimum age requirements|
The two documents also cover clauses pertaining to the aforementioned purposes.
Personal data is any information that enables the identity of a person. A full name, address, date of birth, license number or e-mail address are all examples of personal data.
There are also a number of International laws that it should comply with. The main ones are GDPR, CalOPPa, COPPA and CCPA.
The General Data Protection regulation is an EU privacy law that aims to protect the privacy of residents of the EU. It requires that you inform your users of their data protection rights and that you are transparent in your collection and use of their personal data.
For more information on GDPR you can this post on GDPR Compliance.
CalOPPA permits residents of California to request information regarding your use of their personal information being disclosed to third parties for use in direct marketing. It also permits users under the age of 18 requesting to have their content or information they have posted publicly to be removed.
The Children’s Online Privacy Protection Act requires that websites and online services disclose whether they have knowledge of collecting personal information from children under the age of 13.
The California Consumer Privacy Act intends to strengthen the rights of residents of California by providing them with the following rights:
- know what personal data is being collected about them.
- know whether their personal data is sold or disclosed and to whom.
- say no to the sale of personal data.
- access their personal data.
- request a business to delete any personal information about a consumer collected from that consumer.
- not be discriminated against for exercising their privacy rights.
- Data Collection: outline what data is collected and processed.
- Security: How personal information is kept secure
- Personal Information: the types of personal information that your website collects and processes
- Cookies: explanation of cookies and your websites use of them
- Data Protection Rights: the data subjects rights
- Contact Information: contact information for your company and the data Processing Officer and Data Controller if applicable.
- and more
Terms and Conditions Agreement
The Terms and Conditions agreement, also known as a Terms of Service contract, is a set of rules and guidelines that need to be followed by your users and customers when using your website or service. Without a Terms and Conditions agreement how will you be able to enforce appropriate use of your site?
What should be covered in your Terms and Conditions agreement?
- governing law: what country and/or state law is your company governed by.
- users rights and responsibilities: the rules governing the use of your website.
- confidentiality clause: a clause which outlines that information that is collected through the relationship via the website is not to be disclosed to any third parties unless permitted.
- security: what are the forms of security you employ on your website.
- copyright notice: Copyright and other relevant intellectual property rights exists on all text relating to the full content of the website.
- refund policy: the companies policy on refunds, if any.
- termination clause: conditions outlining the termination of agreement between both parties.
- and much more
Although the Terms and Conditions agreement is not required by law at this point, there are a number of reasons you should have one in place. With this agreement you can inform your users of their rights and responsibilities when using your website or service, you can help protect your content by adding a copyright clause, you help build trust with your users and customers as they can clearly see what is required from them when using your site and also what policies you have in place for situations like refunds and termination of accounts.
Combined or Separate Agreements?
You may wonder if you need separate policies for your Privacy and Terms and Conditions or whether you can combine the two into one document. The answer is definitely separate.
Make sure you make these policies accessible and clearly labeled so that your users can find them easily.