Data Protection
Under data protection law there are limitations on the use of third party personal information. The website should set out a privacy policy setting out how the business uses and protects information given when the website is used. It should set out the information which may be collected such as the personal particulars and contact information.
The website should state the purposes for which the information is gathered e.g. record keeping, improvement of services, periodic sending of promotional materials and market research. It should set out the rights of the user under the Data Protection Act including the right to correct incomplete or incorrect information
The privacy policy should state how cookies are used. A cookie is a small file which asks for permission to be placed on a computer’s hard drive. The file is then added with the cookie helping to analyse website traffic, giving information when a particular site is visited. Businesses should set out how cookies are being used It should set out that the user may choose to accept or delete the client cookie.
The Internet policy should highlight the website users rights in relation to the collection of personal information. For example, if there is a box that can be clicked that restricts information being used, this should be highlighted. If a user has previously consented to information being used for direct marketing purposes there should be a facility by which this may be stopped or revoked by email or in writing.
Terms and Condions
A business should ensure that its website includes a notice setting out the terms and conditions of usage. The notice should state that if the website is used or browsed, the user is agreeing to comply with the terms and conditions and its relevant privacy and other policies.
There should be a website disclaimer which sets out the limits of liability for use of the website and the information it contains. For example, it would be appropriate to set out that a website is for general information purposes and no representations or warranties are made expressly or impliedly about completeness, accuracy, reliability, suitability or availability in relation to the website or any information, products, services or matters contained in it. All reliance should be strictly at the user’s risk.
Intellectual Property
The website should set out restrictions on use for copyright purposes. For example it could state that such and such content is the copyright of the business and that any distribution or reproduction is prohibited other than under stated limited circumstances.
Website Notice
A website notice should set out at least, the following terms:
- that the pages are by way of general information and use and may be changed
- that no guarantee or warranty is given in relation to accuracy, completeness, suitability of information and material on the site or for any purpose
- that the use of the website is stated to be entirely at the user’s risk
- that the website owner has no responsibility or liability arising from its use
- that material which is owned or licensed may be included in the website including layout, appearances, and graphics
- that the reproduction of this material is prohibited other than in accordance with copyright law
- that any trademarks on the website which are not the property or licence of the operator are acknowledged
- that unauthorised use of the website might give raise to a claim of damages or be a criminal offence
- that links are provided for convenience and do not signify endorsement of any website
- that is not permissible for a third party to create a link without consent
- that use of the website is subject to the laws of (Ireland)
E-Mails
E-mails should contain an appropriate disclaimer. By law, the company name, registration number, country registration, registered office, must be included. It is advisable to state that emails and attachments are confidential and are intended for the addressee only, that views and opinions do not necessarily represent that of the business and that if the recipient is not the intended recipient no action must be taken based on the mail nor should it be copied or shown to anyone else. A request should be made to contact the sender in the event of an erroneous receipt.
Internal Internet Polices
Internal internet policies are recommended given the potential liability which a business can incur by reason of its employees use of the internet. The internet policy should set out, employee’s responsibilities in using internet access in day to day working business.
The policy should set out principles in relation to unacceptable behaviour from the perspective of visiting inappropriate sites, using the internet to perpetrate fraud, software piracy, downloading software in breach of copyright, creating and distributing defamatory material and introducing viruses.
The internet policy should specify that the business maintains the right to monitor its internet related resources including internet sites visited. The specific contents should not be monitored unless there is a suspicion of improper use.
An acceptable e-mail use policy should be provided. Unacceptable behaviour could be specified, including for example; use for personal business; for chain letter purposes; forwarding of confidential company matters to third parties; distributing disseminating storing, indecent pornographic, obscene or illegal material; distributing disseminating or storing materials which are discriminatory offensive, abusive; accessing copyright materials in breach of copyright; broadcasting unsolicited personal views; transmitting unsolicited commercial or advertising material; undertaking activities that waste staff time and introducing viruses.
