Are You Compliant? What You Need To Make Your Policies Valid

**[00:00:00]** hello everyone this is arando perz careno and today we're joined by H Skil from turag and I hope I said that right welcome H thank you thank you Armando and you nailed it I'm glad to hear it so H talk a bit about yourself and why is termageddon so people know where we're coming from and then we'll get into the fun of things absolutely so uh my name is Hans I'm one of the co-founders of termageddon um termageddon is an auto updating website policy solution uh so uh business owners of all shapes and sizes uh come to termageddon to help them make disclosures required under the privacy laws that apply to them and leverage termageddon um to keep those policies up toate over time um my background I ran a web design and software development business uh for how long eight years um built up a nice Team U but I sold that business in 2020 and because termageddon was kind of taken off and and yeah I run the company with my wife she's the Privacy attorney I'm just the uh the techie person who's always in the background uh and uh yeah I'm I'm really excited about today's conversation I I think there's some really timely um pieces of Education I think that can be provided today um before I move any further though um I'm thinking about my wife you know I do want to note please note this is not legal advice everything I share today is for informational purposes only excellent thank you for that Hans so let's Dive Right In how did you from that other business how did you get into building termageddon how did that need arise and how did you decide to build a tool like **[00:02:00]** this for sure so um when building a bunch of client websites um there's so much that goes into a website as as we both know there's SEO there's design there's maintenance hosting everything security everything well policies have always been there as well um but they've always kind of been put at the back burner it's kind of like the last thing you think about before you launch a website and my clients would always say you know hey what should I do for my website policies like the day we're going to launch the website and I'm like I have no idea I'm not your attorney I'm not an attorney at all um why are you asking me and uh and then that conversation got kind of awkward and then It ultimately usually resulted in them just copying a legal document from someone else's website and asking me to paste it on their website and I'd always do it because I wanted to launch the website and get paid and move on to my next project it never felt right it never felt professional it always was awkward um and um that was really the fuel to my fire um the only thing that was unique to me was that I happened to be dating a privacy attorney at the time who who's now my wife um and she came from a place where you know she was having to charge more and more and more to draft policies because there's so many privacy laws in this day and age and and so her price point was getting so high that small business owners couldn't afford it so uh we put our two heads together together and built ter eddon um so we're not a legal service provider **[00:04:00]** rather we're a tool and that is what allows us to be a little bit more accessible to small business owners um so that they can get comprehensive policies set up for their own business um without having to you know worry about am I you know is it okay to be copying legal documents from other websites um and and really the benefit of termageddon is the fact that we automatically will update their policies whenever the laws change so you know it's not just a means to get policies to help comply with today privacy laws but more so a strategy to keeping up to date with things over time that's excellent that's a wonderful way to get into something I was talking with my wife the other day precisely about something like that that scenario where you're getting asked for a service a sort of on demand personalized service and it just get keeps getting more expensive and inacessible for other people and then how can you productiv eyesee that and I what you did is fantastic because you're helping small business owners be able to get this into their sites into their tools without having to incur a heavy expense also as an aside as a small business owner you're sometimes scared of lawyers and attorneys you don't want to book a call because you might it might be too expensive you don't know what to expect are they going to give you the right things or you going to go into a hole where it's like you're never ending you don't know right but this is not the truth but it's what it's one of the perspectives that you sometimes get from from small business so having this tool just allows us to use it **[00:06:00]** and get all these benefits that's great that's awesome is mageddon if in a I know we briefly described at the beginning but just in in a few words if someone has a website why would they use a tool like termageddon yeah so um so privacy laws exist and there's more privacy laws coming and privacy laws protect people's data so someone's name their email address their phone number um often collected through contact forms of websites um even someone's IP address which is often collected behind the scenes of a website this personal information is what is regulated under privacy laws that's what privacy laws are all about protecting people's personal information well we as website owners collect personal information to run our business we need people to submit inquiries to uh get leads we need people to place orders to to grow our revenue and so um when we as website owners collect personal information we need to be thinking to ourselves ah privacy laws may start applying to me um and so there in lies a challenge and this is like a fundamental concept of privacy which is that privacy laws protect people they don't care where your business is located so what you as a website owner need to do you need to find out what laws apply to you who's whose data are you collecting where are they located and what Privacy Law laws protect them because just it doesn't matter where we're located what matters is whose data are we collecting and do those privacy laws apply to us um does that kind of help explain yeah and it brings up an important point that maybe I'm a small business owner in Texas and I look for the rules for Texas and I **[00:08:00]** try to follow those but it turns out California has stricter rules and it turns out most of my customers are in California maybe it's not the case but if that were to happen then I I'm liable for those privacy laws not the ones from where I'm located right that's right yeah California coincidentally has three privacy laws so actually up to three laws can apply to you um one applies the moment you collect a single piece of personal information like someone visits your website and you use recapture to collect their IP address to make sure they're not a bad actor now Copa applies um if you use a third party technology like Facebook pixel for example your um sipa can apply to you um and then if you and then California also has a third Privacy Law which tends to only apply to bigger businesses um but if you have like 25 million or more in revenue and then there's several other factors but something as simple as that in California's third Privacy Law CPR previously known as CCPA can apply to you so so not only can people be protected under one Privacy Law they can be protected under multiple privacy laws of to which you may need to comply with some or all of them them so isn't that just fun oh yeah Dandy what well and plus other countries yes yeah yeah just go north a little bit you're in Canada where pipa can apply and if you're collecting data from Quebec residents it's not just pipa but it's also Quebec law 25 um so so yeah and there in lies kind of the the gravity of the situation where it's like wait my website's available for anyone anywhere like what is that **[00:10:00]** that mean it was like well means a lot of laws can apply to you and and you know I I think it's always good to step back at that moment of fear and just remember you know there's companies out there that are trying to help people in these situations and and I believe a good tool like termageddon can help you you know identify these laws that apply help make the disclosures required under each specific applicable law um provide features where you can even share the license with your attorney if you want to where they can even review your policies and customize them if they need to and if I just so may being married to an attorney I can confirm attorneys are just human beings they are real people they they have real feelings they're real people um and so don't be afraid to talk to an attorney that you know and if you ever get uncomfortable with an initial call don't work with them find someone else they're they're are great attorneys out there in the in this world I can confirm I at least know one that's so funny that it's funny you mention that I don't know if you recall while back the first time I interacted with termageddon I was searching for tools s there are many out there that provide this sort of functionality that allows you to um put up privacy policy or terms and we'll talk about those in a bit but I always feel the them to be sort of an entity somewhere there's no one to talk to really except maybe support staff and I just never felt comfortable dealing with any of them until I heard about Teragon through West boss and syntax and the **[00:12:00]** I I sent it tweet and I I saw you were interacting and I was like whoa they're real human beings behind this and you said something in an email like yes we're I'm I'm real human and it was so funny because that's that's the thing I there a lot of these software businesses there's no connection from the public to the people behind it and at least from my perspective so it's funny that you touched on that uh right now I I think you I I completely agree with that Outlook you know being being coming from web design and software development I've interacted with oh nice coffee mug oh you know anyone listen anyone listening he uh armano just brought out his termageddon coffee mug which is awesome I did it says cookies no coffee yes privacy yes so thank by the by the way I it's part of my daily rotation I I love it cuz it's the right size it fits my coffee well and I use it all the time funnily enough I did not choose it for the call it was literally the one I grabbed just coincidence oh that's awesome awesome well yeah and you know with privacy I feel like it's such a um overwhelming concept that like in in just for who we are as people like we just we want to have relationships with people and and that's really a big core part of our business is working with agencies and and providing as much education as possible because well I'm sure we're going to get into it later today but you know when one person small business owners get sued 50 Grand for non-compliance with the Privacy Law that is not a fun day for anyone involved **[00:14:00]** and so yeah we're going to make ourselves as available as possible that that is for sure we're extremely motivated to just provide education not really push term again we'd rather just provide education and let let people like understand what's going on and give them the insights on what they can do about it that that is what matters most to us I appreciate that I think I can say from the community thank you for providing that sort of information and we'll get to where people can find some of this information which I know from filling out questionnaires that sometimes it links to documentation where there's a ton of information where what everything means and I do want people to know about that as well but before we do you touched on a very important point right now which is small businesses being sued for privacy issues can you touch on that what does this mean for a small business owner that maybe thinks that all this just applies to larger Enterprises yeah get that all the time we we hear that all the time about hey yeah well I'm just a small fish I don't really you know I don't you know cause any issues I just have a website and you know only big businesses get in trouble and um and I think that is a fault of just media coverage which let's be real it's it's always interesting to hear when some big company gets fined $4 billion do for privacy non-compliance um that's what captures the news articles um unfortunately what doesn't get covered are small business owners that get fined or even sued for non-compliance um and I'll give you an example um at the time of this recording over the last **[00:16:00]** 6 weeks I've had conversations with six different web designers whose whose non- termageddon clients are being sued anywhere between 30 and 60k um because one of the uh they had they received a demand letter from a law firm in California even though the some of the some of them were in California others were not um they got a demand letter saying hey I visited your website and you are using a third-party tool and I did not consent to that and I'm suing you now for damages and no one is talking about this it's Absolut I shouldn't say that lawyers are talking about it but not anyone no one's talking about in the tech industry and um the implications of this are big but what's Happening Here is we have one person website owners in particular I'm only aware of us-based business owners for what it's worth um at this moment in time at least um receiving demand letters um where they said you are non- compliance with CPA the California invasion of privacy act and we're suing and we're going to take you to court um and then people you know freak out and they ask their web designer what the heck what did you do and they start blaming other people and it's a really difficult situation and so far a lot of them have settled um one person just this week the person I to spoke to about it this week he said he's fighting it I don't know how long if he's going to or not but this is all expensive if you settle it's expensive if you hire an attorney to defend it it's expensive and it's just like if you if if if people could just Embrace privacy before it **[00:18:00]** becomes an issue for them like well done you've respected your privacy rights of your website visitors and you've prevented these lawsuits from happening in the first place um or these demand letters at least happening in the first place so um so yeah I can absolutely confirm I know from direct experience of small business owners being fined or sued and you know what I'll I'll even put throw this out at the time of this recording let's see what happens in 1 to two years I'm guessing this will become much more of a household name keep an eye out for sip a suit I think more coming that's terrifying I know from at least from a business owners standpoint it's not only the monetary aspect of it say you get sued for $3,000 $50,000 like we were talking about earlier maybe some of these companies maybe don't even make that amount in their e-commerce maybe it's a site project maybe that's what it's doing cuz it's growing it's a new business yep where are are they going to get the money for it so they freak out and the Freak Out can be a bigger problem than the lawsuit so and then lawyers have to also think about this what they doing to these people because you freeze in a moment like this where you suddenly owe more than you can potentially generate in your mind yeah you freak out and you stop doing anything well you can some people work better in this matter but it's it's a problem it's like ol logically because you don't know what to do you stop being efficient so maybe those next 3 4 days you're you're down you're not you're not producing you're not doing things properly and this **[00:20:00]** will affect your performance it will affect your relationship with customers it might affect your relationship with your family and so it goes further than just that that monetary problem yeah you start questioning like oh should I even have a website wait what if I don't even have a website how will I even grow the the stress that I've I've directly experienced from some of these customers I spoken with or Not Sorry non- termageddon customers that I've spoken with I I'm always very careful about that phrase I want to you know but uh it's It's haunting I hate it because I I can see myself in their shoes as a former agency owner who built websites all the time I would Implement third party stuff into websites just cuz you know that's what everyone does like that that's what keeps cost down when building a website is by leveraging third party technology Oles and now all of a sudden you know Californians have this ability to sue people um for not getting proper consent to using them and and that's that's such a foreign concept to so many website owners I'm sure there's people listening right now be like what third consent to third party scripts which we'll talk about in more detail here but uh but yeah it's it's it's mind-blowing so you know that's why I'm here I want to tell as many people willing to listen you know anyone who's willing to listen about privacy I already my hat's off to you um because I know it's a little bit more of a dry topic but it's this stuff is important uh to the mental and Financial Health of of any business owner I think so it is and just off the bat **[00:22:00]** because you just launch and you could have a problem launch day right because at that moment people are on the website and maybe even more people because maybe on lunch day you had thousands of visitors because you had some press and so that's even worse and So speaking of consent so what uh a lot of websites as we all know and dislike see we go to Every website and now there's a little thing that says we have cookies click accept and we have cookie we're doing so now practically all websites just have that that's a blanket thing and so it's just bothersome to people from one's perspective but do they actually do something are people actually consenting is the website actually do doing the right thing but just showing that or does the action actually need to do something behind the scenes for it to be valid so so long story short it is the lad thing that a a properly working cookie consent Banner otherwise known as a cookie popup um consent Banner there's a lot of phrases here we all know we all know them and we all love them I'm sure I'm sure everyone listening right now is like oh I love cookie banners um and and this is a form of consent and and um look I get it cookie consents are not everyone's favorite thing like I'm not going to deny that fact that that is reality I also think though that a lot of people don't realize what a proper cookie consent does a cookie consent is actually respecting your privacy rights it is a properly built cookie consent is blocking third party Technologies for example um from taking your data the moment you visit a website and then **[00:24:00]** sharing that data with third parties who Harvest that data and sell it to advertisers like a properly working cookie consent is actually an effort to respect your privacy rights and and I think I just always want to remind everyone when you visit a website and you see a properly working cookie consent you should have that just a small part of you at least who's like I can appreciate that um you know these people have taken the time to try and respect my privacy rights so so um so it's good to note that and and and so a cookie consent Banner the purpose of one is to ensure that your website is not using non-essential cookies and I know that's kind of an abstract word which we can get into but I I'll keep it a little bit more simple there's first party and third party cookies the ones that really get attention at least right now especially in the US because of these siple lawsuits are thirdparty tracking Technologies and so a good cookie consent Banner will block those thirdparty scripts from loading in the first place and only after a user gives what's called an explicit action meaning they've taken an action and clicked accept or accept all allowing these third party Technologies to run that is what gives website owners a Tim stamp the moment someone consented to their data being shared with third parties and that they had full knowledge of it so when you see a cookie Banner that says hey we use cookies deal with it and you just have a giant okay button that is non-compliant with every single cookie po cons uh law that requires a cookie consent solution to add to a little bit of complexity here **[00:26:00]** there's also different types of cookie consents based on what laws apply so I mean you know couldn't be more fun enough right you not only need a cookie consent you need a different one based on which laws apply to you um and that brings me back to you know it all comes back to finding out what laws apply to you because only then can you determine the disclosures you need to make in your policies and the type of consent Banner you need for your website um but yeah getting consent first prior to tracking people prior to implementing Technologies onto their browsers that that that track them or or do things for non-essential purposes is why these cookie consent exists and I also want to note the word consent is important here because this is also why when someone's typing in their contact information through a contact form why there's checkboxes that say I agree to the privacy policy where the checkbox is unselected by default but a required field that is a form of consent as well that is the moment you get a timestamp they consented to having their data be collected by you and often shared by you as well so um does that kind of help with the answering oh yeah it does and there's an additional part of it which is well this might make sense okay there's third party cookies and there's first party cookies for those non-technical first party just means that maybe your website needs cookies in order to function because you need to store their session or anything like that their favorites or whatever your website does maybe their shopping cart Etc that from what I understand is fine because it stays within your website and it's **[00:28:00]** part of the website what these privacy laws are are fighting against is that you grab their data and instead of just using it for your own functional purposes you share them with a third party for whatever reason it might not even be an nefarious reason of selling data it might just be that you need it in order to use analytics or you need it in order to give customers support Etc so there are very genuine reasons why you use third party cookies and the privacy laws just State the need you to State the purpose of you sending that that data over even if it's for an essential purpose or if it's for a functional purpose or whatever marketing Etc and so I think a big issue here is okay maybe we understand that but from my point of view a few years ago I would say okay great I really want to help my customers privacy issues be handled from the beginning which cookie consent tool can I use how do I implement it on a website and then you have to step back and say oh no if I'm doing things right the thing has to stop scripts from running how am I going to do a little popup thing that will decide not to run Google analytics or not to run recapture or not to run whatever this is going to break my site how is it going to work where I'm going to store the consent and so this is all very complicated even from a technical standpoint it is so I I was really surprised I've using termageddon for a while but there was one thing I didn't know it actually did so I know we're capturing consent right um there's **[00:30:00]** this for for those who don't know termagon there's a user Centric part of the cookie consent um package that that the termageddon offers and so you have your little popup and like H said it looks very nice because it tells you the side uses cookies blah blah blah in the right language and it actually has like functional and what are the other options um sorry functional essential and then marketing right so you have those tabs and you can check them you can say accept all right so it looks very professional so you just put this in your website and it looks great and so at some point I thought great so I'm compliant I have everything I need people can choose to De accept some of those or all of them and that's great and that solves it but then I was installing a new plugin on a site specifically a calendar plugin that coincidentally has a Google Maps aspect to it because events typically can have maps and so I'm running it on the staging environment and I'm testing everything and the map doesn't run and it says a little pop comes up to to the development site and it says you cannot see this because you have not opted given consent to receive this and like whoa so it is actually just because I'm adding a new tool that I didn't fill out in the questionnaire when setting this up it is going as far as blocking those scripts for me because maybe is had made a mistake and didn't include it in the consent form so this is great can you talk a little bit more about the usercentrics part of it and how that works for someone who installs a tool **[00:32:00]** like termageddon yeah absolutely so and and I I want to note real quick um so first party cookies yes correct the the vast majority of first party cookies are um a essential like they just need to work to log into a website or or to um you know otherwise if you didn't have first-party cookies like if you went to Amazon every single page you visit you would have to relog in every single page you click every link you click you know so the vast majority of first party cookies are indeed um essential there are some non-essential ones but but really I think at least right now the big stickler is the third party cookies and just like you said cookies are not a bad thing they're a great thing they help people use a website they help people they help website owners understand how people use a website they help secure a website so cookies are not a bad thing it's just that there's some regulations that require us to disclose what cookies we use and get consent for some of them that aren't truly necessary to the website working and the way user Centric works is it is focus on blocking thirdparty scripts from loading in the first place and and and I love that backdoor feature where if you add a technology to the site and and you're not sitting there thinking oh I should update my privacy policy which let's be real the average small business owner is not there yet um I love that back door protection where they just block all third party scripts and then give you like a little blurb that says hey you need to go into your termageddon account and and add in those third party **[00:34:00]** services so so user Centric is a european-based consent provider with us being us-based we partnered with them that is a long WID story I'm more than happy to get into um it has to deal with data transfer laws and all that stuff but long story short they're called user Centrics they process about 60 billion consents every single month um they're a massive massive um um uh CMP um consent management um provider and um and yeah we partnered up with them to provide a consent uh solution to our customers and what's cool about termageddon is that you know when you go through our privacy policy questionnaire our tool figures out what laws apply to you so our tool figures out if you need a cookie consent solution and if you do what type of cookie consent solution you need I see so many people I see like companies that clearly um CPR would not apply to them maybe they're a brand new business with zero revenue and they think they need to comply with CPR cuz some websites said you do when in reality you don't you're tiny and that law is just too big to apply to you so that's why I'm a big believer in Step One find out the laws that apply to you because that g step two it makes it super easy get all the disclosures required under those applicable laws provide the consent Frameworks that you need to your website visitors that's great yeah I I really found that very good the question itself is very easy to use as well it's long it's long but it needs to be long because of what you just said so for people listening if you've ever done your own taxes for example **[00:36:00]** yes you could go to the IRS in the United States and you could read all the instructions for the form and you might figure it out and you might fill out your form correctly maybe or you can use a tool there's many out there I won't name them but there's many tools out there that allow you to fill out a questionnaire that takes you step by step in language regular people can understand and then it fills out the form for you so in this case the questionnaire is great because although it's long it will allow you to at the end know if you need to use certain things if certain privacy LW of blah blah blah right and and then also it asks you the specific Services which we covered earlier what third party tools are you using and even for your first party stuff what are you doing with the data how what data are you Gathering what's the purpose of each field that you're Gathering and sometimes at least in my perspective when I was looking through it you're filling it out and it asks you why are you using this information and you have to fill it out for each field name last name IP address credit card information Etc and sometimes you it helps you to step back and see oh okay so maybe I don't I don't really need this maybe maybe I'll take that off my form or maybe I I I will stop sending that to Google I don't need to send it to Google because it just makes it look like I'm sending a lot of data because remember people the once you do this it gives you a very detailed privacy policy which states everything that **[00:38:00]** you're capturing and why so that you're compliant so and then so that means everyone can see exactly what you're capturing which is a good thing but if you yourself feel at looking at your policy wow I it looks like I'm capturing a ton of data maybe you don't need all of that data I love it I love that mindset and that you know that leads into what's called data minimization which is a wonderful privacy practice collect what is only necessary to run your business don't don't you know and I I such a good example do you really need to ask people's birthday to send them an automated birthday email like do do you really need to do it and and so it's it's it's it's moments like that where it's like okay now I have to select I collect your age and it's for what marketing is that really necessary for for whatever business you're in and maybe it is of course maybe it is um for certain businesses but there in lies like I'm I'm just so happy that that was your experience going through it because um you're right for the questionnaire you went through you had to go through a much more extensive SE question sometimes the questions aren't on a per personal information basis it just depends what laws apply um uh but yeah you had to go through one of the more difficult ones our tool provides and that's not a bad thing that's a good thing you walked away with Comprehensive policies but I just love the fact that your takeaway was oh maybe I should reduce the amount of data I collect because I think that's the future of thinking about how do we run websites do we **[00:40:00]** we we should be about all about collecting as little data about our users as possible not as much and I get it I'm coming from a privacy compliance standpoint I'm sure everyone in marketing right now is like I hate this person like I want as much user data as possible and and I'll I get it of course I get it I respect that goal um just know that there's regulations that are going to be um combative with that Outlook I guess it's at least something to acknowledge so and for the marketing people I've been in the marketing space as well for a long time I written a couple of books trained thousands of people on Facebook advertising through the years it's it's a fun practice it's great to have all the data that you can to do targeting detailed targeting and and have a good idea of who the customer is but remember at the end of the day if you're capturing their birth date for example more than likely you're not storing it yourself on your server and using your server to send that email you might if probably if you're a bigger Enterprise not that likely if you're a small business you're probably using active campaign or drip or whatever tool you want to send out that email which means you're sending that person's name last name address birth date to a third party that you no longer control so if that third party has a leak then it's a problem and so keep those types of things in mind just think about your data and whether you'd like another company to move your data around because we see so many leaks out there it's not like rare that that a company gets **[00:42:00]** hacked and and and data gets leaked and I don't know what you think of his hands but most of the things we hear about hacks it's not like oh they took over the site and and defamed it or they modified the functionality or they stole a bunch no most of the time it's a data breach it's there oh nothing happened to the site everything works fine but they took customers it's worse yeah no absolutely I I Bo it's music to my ears hearing you talk this way because usually when we get interviewed it's it's I have to go through like just like some Basics here but you're you're philosophically addressing this and I think that's just so important that we understand that when we're collecting and sharing data with third parties so so many business owners like I don't share data whereas sharing data is quite common perfect example of Shar is sharing an email address of your subscriber with active campaign and it's not a bad thing I always say that it's not a bad thing but is it a disclosure requirement under a ton of privacy laws absolutely absolutely you need to acknowledge that so um and and that's why I love privacy laws and and I always say that I I'm not fighting against privacy laws I actually believe in privacy rights for everyone and and I think every just about everyone feels that way too um what's certainly unfortunate is the demand letters that these business owners are getting consquences ofing but in my mind now we have two reasons to get with this to respect our privacy to respect the Privacy rights of our website visitors and also to avoid fines and lawsuits I mean that's a win-win in my **[00:44:00]** opinion so yeah it's to embrace it yes speaking of these LW many of them which may or may not app play do that's that's I don't use a tool like teret M I Do by the way but let's say we don't and I work with my attorney and I build out a very detailed privacy policy and it cuts me a t costs me a ton of money set it up put it up there am I good or do I need to update it periodically based on the changes of those privacy laws through time yeah absolutely so privacy laws change often I I shouldn't say often because that's like a word up for interpret but the UK data protection act for example is being considered for changes at the moment of this recording um Australia's Privacy Law I believe just changed um that's been around since 1988 um and at the time of this recording next year we have four more us privacy laws brand new privacy laws going into effect requiring new disclosures if applicable to your business um so so yeah policies are no longer a static thing they are going to be an everchanging component of your business not just when you change your own privacy practices like Armando ex provided a perfect example implementing Google Maps into a uh calendar feature it's not only about when you change features of your website but it's also about do new laws or amended laws require me to make change so you know and I always say if you can afford an attorney to draft policies for you monitor laws notify your changes keep those up to date of course go that route nothing beats having an attorney provide you with legal advice it's just **[00:46:00]** when you don't have those types of funds around laying around a tool that does that can be an excellent Plan B um especially a tool that's attorney friendly too that's always a plus um um so yeah it's you know we want to make sure a strategy is in place and and that is a very foreign concept I think to a lot of people and that's just where we're heading though and that and that's what I think everyone should embrace yeah yeah okay maybe you have funds for an attorney or maybe you use a tool like termageddon you should be set what about building a policy with Chad GPT uh yeah so uh so we have a great blog article on this and um and so what we did with uh we we tested chat jpt um we wrote we said write me a privacy policy and it spit out a privacy policy it was non-compliant with every single Privacy Law in existence we then said write me a gdpr privacy policy it was non-compliant with every single Privacy Law including gdpr we then though and I will acknowledge this we then said write me a privacy policy with the f following disclosures and we listed out 40 disclosures um that were requ that for this example were required of the user to comply with gdpr not going to lie it nailed it it actually did a wonderful job and I'll I'll admit it like I'm happy to admit it it actually did a wonderful job we were like that's impressive um so so we we take a step back and think about it okay what does that mean well I think the average user does not know which laws apply to them right let alone **[00:48:00]** which disclosures are required under which laws so I think that's challenge number one Challenge number two is where are the automatic updates like where are where when are you going to be notified when laws change when new laws impact your business specifically and what specific new disclosures you need to make um also the Challenger chat so those are the two I would say core fundamental concerns I would have um and then another just side note but privacy laws are conditional based and I'll give you an example Rhode Island uh just passed their Privacy Law and my wife uh was just so delighted here that she actually has to create two different sets of questionnaires because Rhode Island based on your Revenue size you'll have one type of disclosure set for privacy policies or you'll have a different type of disclosure set all based on your Revenue so so I chat GPT is not there yet I mean if it can like respond back be like okay well what's your Revenue how much um money do you make every year uh how much data do you process on a per state basis um okay then then it may be competitive uh with us and then it would also have to figure out how to auto update your policies over time but but yeah right now unfortunately um it's it's just not there it's uh I would argue it's it's quite concerning um and and this reminds me I'm a part of a social network group where um I was talking about siple lawsuits and I said hey if you're using I I was sending out a PSA to this group of of web designers in particular and I said hey if you use um Facebook pixel **[00:50:00]** um to track users but yet don't really actually use it anymore maybe it's like from an old campaign from years ago but you still have pixel on your website you need to remove it um because there's a lot of loss suits right now around that um issue and someone wrote back like sippo only applies to websites that use live chat features and I'm like well no I mean yes it could apply to websites using live chat without getting consent first but that's not accurate and this person was so confident and then after a few exchanges she was like well chat GPT told me this and then she provided us the message that chat GPT did and it was so inaccurate that like I only could pick out like four things to itemize but like like everything was wrong and looked really good and it looked deceptively good but it was just so wrong um on so many levels they they referenced a law that didn't exist anymore um they may they confidently said it is only related to live chat features when it absolutely is not um so so yeah I would be cautious um to to rely on Chad GPT for for legal related items um but I don't think I'm a I don't think I'm alone in in that recommendation no I don't think you are it it looks that's the problem so I'm I'm a big fan of of llms for certain things a completion drafting it's a great tool to help you but when you ask it to get things where it actually needs data um it the hallucinations part of it that mean for those who don't know that just means sometimes it makes things up and it'll make up **[00:52:00]** sources and references and so um maybe a tool like perplexity might be better for that sort of thing because it goes and grabs sources but still for things like this look for sites that actually have the real information the references so that you know which policies apply to you and then if you want to use it as a tool to draft maybe it's okay but you have to first make sure what you actually need to have and so in that sense is there somewhere people can go to let's say they cannot use termageddon because they cannot pay for it or or their company doesn't allow whatever how do people know about all these resources says where can they find information about what applies to them or what they should answer in a questionnaire yeah so um I would say our blog can be an excellent research like go to our blog and type in compliance guide and you'll see every single resource uh every single Privacy Law we cover uh which is over a dozen and you'll be able to see the compliance guides and the first part of the compliance guides is who does this law apply to so you'll be able to you know maybe you'll have to open a bunch of these links in a new tab but you can go down the line that way and figure out which laws apply and then below we just say all the disclosures required under each so I mean hey look if you're trying to save 120 bucks like yeah that could be a route to do it it might cost you a lot of time but that could be a good resource for anyone listening from New Zealand uh for what it's worth **[00:54:00]** New Zealand offers a free privacy policy generator right from the New Zealand Government website um granted it only covers New Zealand's Privacy Law but hey that's a great thing you can consider doing if you're if you're a business solely servicing people in New Zealand that could be excellent for you so um so so obviously I'm biased but I'd like to think that our blogs are are rather comprehensive uh with uh the compliance guide articles specifically that we provide that could be a great resource thank you that's a great resource I I frequent it when I'm filling out the the questionnaire because I fill the questionnaire for different customers and they has a little information tool tips and sometimes it takes me to your blog and to your knowledge base and it's very helpful because that way I can see what each thing means without it being overly cluttered in the actual questionnaire so I'll share this with you I haven't shared this publicly yet but uh our new UI or you our new interfaces just around the corner uh for being launched and uh very soon our our little resource links are not going to open in a new tab it's going to be embedded into the site and it's called terer and it's actually video like 10-second video recordings of me with the supportive text right below it so I'm so excited to release that cuz I just I feel like it's more accessible cuz I feel like if you have to click a link and it opens in a new tab that's kind of annoying so this will stay in page it'll be like a 10-second video of me explaining how best to answer the questionnaire and also just supportive text right below **[00:56:00]** it too so oh that's exciting I'm looking forward to that as well so H I know we're we're Limited in time here but where can people find you and termageddon and on social website Etc and what would be your recommendation for anyone who's launching a website or maybe that they already have a website yeah so so to reach us um termageddon um so we're termageddon dcom so it's like term agon so t r m a g double D N.C um yeah when I when I bought that domain I did not realize how many times I had to say that one out loud but in the footer is all our social media links I hang out on Twitter my wife hangs out on Instagram so chances are and in our marketing person handles everything on that front so we're we're pretty social send us an email if you have any questions or just want to ask us anything we we're probably say you know please not this not legal advice and then we'll you know happy to share free thoughts for you um and um sorry what was in the second question was what was the second yeah what do you recommend for anyone yeah jumping into a website or or maybe they already have a website for years yeah absolutely so when getting going with the website um hey you know I think obviously I'm going to say you need to take private in consideration of course I feel that way um but hey if there's a bright side you're not coming with 10 years of experience dealing you know not respecting privacy rights in in a in a large sense you're in a you're in a great position because you can start foundationally with **[00:58:00]** keeping privacy in mind and so don't underestimate the benefit of that um you have the opportunity to start with the ground floor building in respect building your business and respecting pe people's privacy rights out the gate I'd actually say congratulations like Embrace privacy you're going to be in a great place excellent that's great advice I really appreciate it Hans thank you for joining us on this video today and to everyone else uh be make sure to visit termageddon either on social or on their website the tool is fantastic by the way I use it uh might be biased because I use it but I tried other things and it's just very easy to get going with it and I myself feel secure by using it so thanks again and uh if you like these videos make sure to like And subscribe and I'll see you in the next one bye everyone