As with any business, you always want to be sure you’re complying with any and all regulations. Recently, a new regulation from the GDPR has been getting the spotlight and it might very well affect you. It’s why you’ve been getting so many emails lately about websites changing and updating their privacy policies, and it’s why you should be doing the exact same thing.
As you may know, privacy policies are about as different as they can be. Each one is specific to its own website and so is yours, so I can’t tell you exactly what you need to include but I can help to give you some tips.
You also need to be sure that from now on any data collection MUST be consented to. This can be through an email, a checkbox, or even a text. As long as they confirm it and it’s legally binding, it’ll work. What won’t work anymore is passive acceptance to the document. In other words, people need to be informed and consent now rather than implied acceptance upon using your website.