This is a little tricky because laws are written in legalese and every state is different.
Privacy policies are there to protect you and your potential customers.
Whenever your website collects a name and email address, you’re collecting Personally Identifiable Information (or PII).
Over a dozen states have proposed or already are implementing privacy laws to protect the Personally Identifiable Information (PII) of its citizens. Each of these laws has unique requirements as well as unique penalties for not complying. Some states are proposing businesses be fined over $5,000 per infringement (per website visitor). Some states are proposing private right of action (meaning citizens of that state can sue businesses anywhere in the US).
https://termageddon.com/why-use-policies/
As of right now, South Dakota isn’t one of those states with new privacy policy laws, but if you may be doing online business outside of South Dakota, you do still need a privacy policy! Simply put, a privacy policy states what you intend to do with a client’s information once you’ve collected it.
As of July 1, 2018, South Dakota enacted a data breach notification law.
The new law generally requires an “information holder” to notify South Dakota residents of any “breach of system security” involving their “personal or protected information.” An “Information holder” includes “any person or business that conducts business in the state” and owns or retains “personal or protected information” of South Dakota residents… Notification must be made to any South Dakota resident “whose personal or protected information was, or is reasonably believed to have been, acquired by an unauthorized person.”
https://www.natlawreview.com/article/south-dakota-enacts-data-breach-notification-law
What this means is that if you have collected PII, you must notify South Dakota residents when their information may have been taken from your system.
The best way to protect yourself is to keep an updated privacy policy visible on your website at all times and link to it wherever you have a contact form. Now, not many of us can read legalese, much less write it!
That’s where my friends at Termageddon come in!
Using Termageddon, you can easily set up a custom Privacy Policy, Terms & Conditions, End User Agreement, Disclaimer, and more in minutes. Once you copy their code into your website, they keep it updated for you when laws change!
If you sign up for Termageddon using my affiliate link, I’ll still be able to help you install it. Win-win!