Categories:
Design and TechnologyDigital MarketingIn the CommunityInside ArcStoneNonprofit HelpTips and Tricks

Website Policies: What Your Nonprofit Needs to Know

Lisa Hirst Carnes | March 2021

Share

website-policies_featuredimage

A nonprofit website, in addition to telling visitors about the organization’s mission, events, and fundraising activities, needs to mention certain policies. Currently, there’s been a lot of attention on websites complying with privacy laws such as GDPR. Nonprofits have their own particular concerns. Let’s look at what policies you need to clarify on your nonprofit website.

 

The Evolution of Policies

 

It seems that every few years, websites are posting more policies on issues such as privacy, cookies, data collection, and more. In fact, since the early days of the internet, governments began imposing requirements for website owners to be transparent about their policies. Over the years, these requirements are getting more strict. Here are some key developments over the years.

COPPA Children’s Online Privacy Protection Rule, passed in 1998, applies to the collection of data on children under 13 years old. It covered what information websites need to disclose as well as what type of consent is required from parents or guardians.

Gramm-Leach-Bliley Act — This law, passed in 1999, requires financial institutions to disclose how they share and safeguard consumer data. It requires websites to provide users with a way to opt-out of having their information shared.

E-Government Act of 2002 — This act was implemented to ensure that government agencies perform a privacy impact assessment for any actions where personal data is collected.

GDPR — This far-reaching policy, passed in 2018 in the European Union (EU) but has implications for websites all over the world, since the internet is global by nature. It requires websites to post their policies on data collection. It also requires that personally identifiable information such as full names, account numbers, or social security numbers be anonymized.

These are some landmark laws and regulations involving online disclosure of policies. The laws are constantly being fine-tuned. What makes it so complicated is that laws can be passed by local and national governments while the internet is global. To be safe, websites today need to be as transparent as possible about their policies.

gdpr

 

Why Your Nonprofit Needs to Post Its Policies

 

  • Laws such as GDPR apply to all websites. However, in some ways, nonprofits need to be diligent about revealing their policies. There are several reasons for this.
  • As a registered nonprofit, your organization has to abide by a variety of rules established by the IRS. To maintain your legal status, it’s necessary to comply with all relevant laws and regulations.
    An organization that engages in fundraising has to be careful about safeguarding donors’ personal and financial data. It also needs to be clear about how any information is protected and shared.
  • Privacy protection for members and donors. While privacy is important to everyone, it can be a sensitive issue for people who belong to and/or donate to certain organizations. Many people want privacy when it comes to the causes and organizations they support.

terms-and-conditions

 

What Policies Do You Need?


Let’s look at the policies you actually need to post on your website.


Terms of Use


Terms of Use is an agreement between a website and users. The usual policy is for users to check a box stating that they agree to these terms. This is an important feature on any website, as it protects you from liability on many issues. The Terms of Use is a general agreement that includes many areas, such as privacy, cookies, user accounts (for sites where users can sign up), rights of content posted on the site (e.g. users cannot copy and reuse content), and acceptable use policies.


Privacy Policy


A privacy policy can be posted under terms of use or created as a separate page or section. This is one of the most important policies to post on your website and should include:

  • Any personal information you collect.
  • Cookies you collect.
  • Data you collect for analytics.
  • Your policy on sharing user data.
  • Security measures you take to protect data. As Nolo suggests, however, you should also point out that it’s impossible to guarantee that data is completely safe from malicious attacks.

GDPR


The General Data Protection Regulation (GDPR) is one of the most extensive international regulations passed in recent years. Even if your website and organization are based outside the EU, you may have users who log in from there, so you should remain compliant with these regulations. You can post your GDPR compliance policy under terms of use or privacy policy.


Accessibility Statement


Web accessibility for users with disabilities and impairments is becoming an increasingly important issue. The Web Accessibility Initiative (W3C) provides guidelines for creating an accessibility statement where you discuss how your site is accessible to people who have issues such as visual or audio impairments.

website-policies

 

How Do You Create and Post Policies?


Here are some guidelines to consider when creating and posting policies for your nonprofit website.


Consult With a Legal Expert


It’s always a good idea to seek expert legal advice when creating guidelines for your policies. Every organization is a little different, and you want to make sure your policies are posted clearly and accurately. Don’t skip this step!


Start With a Template


You can find privacy policy templates and other such forms online, either for free or for a fee. These, of course, are generic and need to be customized to your needs. They can still be a good starting point to make sure you cover all the basic points. Find the best website builder that suits your need.


Study Policies Posted By Other Nonprofits


Below are some examples, taken from nonprofit websites, that you can use for research.


National Council of Nonprofits Privacy Policy

American Red Cross Terms of Use

Feeding America Donor Privacy Policy

HealthPartners: Designed for Everyone Accessibility Statement

Sierra Club: Equity, Inclusion, and Justice —This isn’t a legally required page but highlights social justice issues that are important to many organizations and their members.

AARP: Do Not Sell My Information — This page is specifically relevant to California’s privacy laws and gives users the chance to opt-out of having their information sold.

Amnesty International: How We’re Run — This page provides information on many aspects of the organization’s policies on topics such as finances, public accountability, assessing impact, and more.

As you can see, there are many ways nonprofits can reveal their policies. Some, such as terms of use and privacy policy, are mandatory, while others are useful for transparency and building trust with the public.


Be Sure to Post Your Policies on Your Nonprofit Website


There are several reasons that you have to be conscientious about having your policies clearly visible on your website. You want to make sure you comply with laws. You also want to provide your visitors and members with as much information as possible. This helps you build trust and reassures website users that you take their privacy and accessibility seriously.

ArcStone helps you design and manage beautiful websites for nonprofits. If you need help implementing your policies, contact us.

21_ctas_website-08

 

Talk to a Digital Strategist

Questions about your project? We can help.

Let’s chat