If you don't have a cookie-cutter business, don't use a cookie-cutter privacy policy.

The United States has a patchwork of state and federal laws that apply to privacy policies and what must be included in them, based on several factors, including audience age, industry type, data collected, and location of the data subject or site users.

Most Privacy Policy generators fall short of compliance

If you are operating a website geared toward children, or your business is subject to the U.S.’s regulated industries, such as: insurance, finance and banking, real estate, higher education, or health care, most terms of use and privacy policy generators do not offer the policy solutions required to assist you in complying with applicable U.S. laws.

Privacy regulations can be quite complex, and with the added challenges of international, federal, and state laws, it is essential to discuss your company's privacy policy with an expert.

Does your privacy policy clearly state how your company would handle a data breach? Does it delineate your relationship with third-party data processors and if there are data processing agreements in place?

With GDPR came broader international awareness of privacy rights and the potential ramifications of non-compliance.



Kinney Firm can draft the right privacy policy for your audience and industry

Kinney Firm has the knowledge and expertise to assist you in drafting a privacy policy that conforms to your data collection, transfer, and storage practices, and includes provisions to comply with the audience and industry-specific laws that most privacy policy generators don’t cover, such as:

  • COPPA - Children’s Online Privacy Protection Act, U.S. Federal Law applicable to websites and applications marketing to children under 13 years of age.
  • HIPAA - Health Insurance Portability and Accountability Act, U.S. Federal Privacy Law to protect sensitive medical and patient information. 
  • FERPA -  Family Educational Rights and Privacy Act, U.S. Federal law that protects the privacy of student education records.
  • GLBA - Gramm-Leach Bliley Act - U.S Federal Law that protects the privacy of consumers and their information. 
  • TRID - TILA-RESPA Integrated Disclosures - If your site offers mortgage calculators, real estate closing or settlement services, collects, transmits, or stores real estate information related to sale of U.S. real estate, your privacy policy may need to include additional information about that data.

We work with you to discover the data your organization is collecting, where that data is being transferred, shared, protected, stored, and deleted, to draft privacy policies customized to your specific needs and that keep your site users adequately informed, as required by applicable U.S. law.



Schedule Your Privacy Policy Consult

The time required to research and draft your custom privacy policy will vary based on the complexity of laws applicable to the data you are collecting and your knowledge and documentation of your own data collection practices. Scheduling a consultation is the necessary first step in discovering where you are and what you need, to get the custom-drafted privacy policy to incorporate into your organization’s privacy framework.