Episode 270

Beyond Expensive Lawyer Fees and Cheesy Privacy Policy and Terms and Conditions Generators with Donata and Hans from Termageddon

How you can go beyond expensive lawyer fees and cheesy privacy policy and terms and conditions generators with Donata and Hans from Termageddon. Termageddon is a generator for privacy policies, terms of service, disclaimers, and end-user license agreements for websites and apps that allows you to be compliant with the latest laws in your area. The terms and privacy policy will also update automatically when new laws that affect your setup are put into place.

Beyond expensive lawyer fees and cheesy privacy policy and terms and conditions generators with Donata and Hans from Termageddon - Donata

One of the most important things to understand when doing business online is that you don’t just need to follow the laws of where you have your business registered. You also need to follow the laws of the places where you do business. For course creators this can be a world-wide thing, so making sure your privacy policy is in compliance everywhere people buy your courses from is important for legal protection.

With an increased focus on privacy online from consumers and government bodies, being compliant with the law is more important now than it has ever been before. And it will likely continue to become more important moving into the future. With policies such as GDPR in Europe, not only do business owners in Europe need to follow those laws, so does anyone selling courses in Europe. If you’re caught out of compliance with those laws, you can be fined and banned from doing business in designated countries.

Beyond expensive lawyer fees and cheesy privacy policy and terms and conditions generators with Donata and Hans from Termageddon - Hans

Many course creators who can’t yet afford to hire a lawyer to build them a privacy policy will turn to copying, pasting, and modifying a competitor’s privacy policy who likely hired a lawyer for theirs. The issue with that setup is when the policy is updated, you may not know about the update unless you constantly check their policy. You may also do business in a segment of the world that they don’t, and you could be out of compliance in that area.

At Termageddon.com you can learn more about how you can get a constantly compliant privacy policy and terms of service for just $10 per month. Making sure you’re always compliant everywhere you sell courses will help you sleep easier at night knowing you’re not at legal risk with your business.

At LifterLMS.com you can learn more about new developments and how you can use LifterLMS to build online courses and membership sites. If you like this episode of LMScast, you can browse more episodes here. Subscribe to our newsletter for updates, developments, and future episodes of LMScast. Thank you for joining us!

This episode was sponsored by WP Tonic Managed WordPress LMS hosting. Click here to learn more, and use coupon code wptonichosting50 to save 50% on any annual plan.

EPISODE TRANSCRIPT

Chris Badgett: You’ve come to the right place if you’re a course creator looking to build more impact, income, and freedom. LMScast is the number one podcast for course creators just like you. I’m your guide, Chris Badgett. I’m the co-founder of the most powerful tool for building, selling, and protecting engaging online courses called LifterLMS. Enjoy the show.

Chris Badgett: Hello, and welcome back to another episode of LMScast. I’m joined by two very special guests, we have Hans and Donata from Termageddon.com. Termageddon helps you with your privacy and terms pages on your website, which is a question I get asked all the time, but first, welcome to the show, you two.

Hans: Thank you.

Donata: Thank you. Thank you for having us.

Chris Badgett: Hans and Donata, like me, are a little bit different in the tech space. They’re really into stuff like farming and chickens and dogs. Well, lots of people are into dogs, but it’s cool to connect with some other people that like to grow some of your own food and have some animals and whatnot. It keeps us healthy in tech to get outside of the building sometimes.

Hans: Right.

Chris Badgett: I’m stoked to meet up with you guys. Termageddon, what does it do?

Hans: Do you want to take it?

Donata: Sure. Termageddon, we’re a generator of privacy policies, terms of service, disclaimers and end-user license agreements for websites and apps. What makes us special is that we automatically update our clients’ policies whenever the laws change, so you don’t really have to keep track of all of that stuff.

Chris Badgett: I think that is super cool. I get this question a lot, and really because over in like course creator membership site land, LifterLMS land, the website is the business. It’s not just a brochure for the business. Most businesses have some kind of like legal ramifications, and on the web, privacy is a big thing. We’ve seen GDPR roll through. Our audience is really international and they just want to have like a good baseline. Some of the advice I hear people giving around terms and privacy pages are to do things like, if you’re just starting out, go look at somebody’s website that’s like yours that probably had enough money to hire a lawyer and just kind of model it. I mean, that’s okay, but what’s wrong with that approach?

Donata: When you’re copying and pasting stuff from competitors or from other websites, you don’t really know what you’re copying and pasting. Like you said, they probably had a lawyer who wrote their privacy policy, but what if they didn’t, or what if they had a lawyer write it five years ago and there’s been a bunch of new privacy laws since then and now that policy is completely out of date, or what if there’s a new law coming into effect a month from now and your privacy policy doesn’t update because you stole it from somebody? At that point you’re out of compliance too. You’re kind of rolling the dice on a bunch of unknowns when doing that, I would say.

Hans: Yeah, and just to take it a step further too, and kind of reiterate what Donata said, even if you were to copy and paste a competitor site, and even if that were to completely get you compliant, it’s only getting you compliant for that moment in time. Are you going to create a task for yourself to every week go back and check your competitor website policy to see if it updated or not? We’ll probably speak to that later about why policies need to be updated when the laws change as well.

Chris Badgett: How does it work? With Termageddon, does your terms pages actually automatically update when you guys change something on your side, or how does it work?

Donata: Yeah, so when somebody signs up for our service, they would answer a couple questions about their website and their business. For example, what information do you collect and who do you share it with? Then they receive an embed code. They would put that embed code on a privacy policy page on their website. When there’s a new law that goes into effect, we would update that from our end, and then the new, updated privacy policy would just populate.

Chris Badgett: That’s super cool. Go ahead, Hans.

Hans: Yeah, sometimes we can’t just automatically push an update because maybe there’s a new law that’s going into effect that requires us to ask an additional question. For example, on October 1st we had to ask the question, do you sell the information you collect and do you collect the data of Nevada residents? Our email sends out … When you’re a client, you receive the email like, okay, you have to answer yes or no, you answer it and then it pushes the update to your website automatically.

Donata: Right.

Hans: The way it works is that when you answer the questions at the end, rather than producing copy, like text that you copy and paste onto your website, it produces an embed code. That’s what you copy and paste onto your privacy policy page, for example. That embed code allows us at Termageddon to control what that copy says. When the laws do change, we push the updates automatically to your privacy policy page.

Chris Badgett: I think that is super cool. What if somebody is just getting started and they kind of get into this world of like, “Oh, all right, I just need to cover my bases legally, and maybe I’m … ” The thing with the internet, with courses and membership sites, is people can have customers locally but also like all over the world. How should somebody start thinking about, “Well, whose laws do I need to pay attention to in terms of my states or my country, or what if I’m selling in other countries?” I see a lot of people just really confused and not knowing where to start. What are some basic fundamentals of having a global micro multinational company that we can start from our websites these days?

Hans: Yeah. Do you want me to … Can I take that?

Donata: Sure.

Hans: Awesome. All right. I think one fundamental thing that people need to realize is that privacy laws are being put in place to protect the citizens of that state, country, whatever. They are not to protect the businesses. When a set of laws get introduced to the European Union called GDPR, those laws are out to protect the European citizens. If you are processing data from European citizens, you’re going to have to comply with those laws. Same goes with New York. New York is proposing a privacy bill that will allow its citizens to sue businesses of any size, located anywhere, for having as little as a contact form on their website and not providing a compliant privacy policy, compliant with New York specific rules.

Hans: It doesn’t matter where you’re located as a business owner, all that matters is that, is your website getting seen, used by … you’re processing data of citizens of certain areas? That means businesses, regardless of size, will need to have a strategy in place to think about how are they going to keep their policies up to date when the laws change, because that’s the nature of the beast that we’re now in, whether that’d be good or bad.

Donata: Yeah. I’d say the best rule of thumb to remember with that would be is, who are your customers, right? Do you have customers in Nevada? Yes. That means you have to comply with Nevada’s privacy laws. Do you have customers in the European Union? You’d have to comply with the European Union laws. I would base it more on where your customers are located versus where you are located yourself.

Chris Badgett: That’s cool. I mean, not to scare people, but if people just haven’t really even thought about terms and privacy pages on their website, what are they leaving themselves open to, or what can happen when these things are just ignored? I mean, sometimes … I’m always surprised when I go to even a well known person’s website and I click on the privacy page and there’s like some Lorem Ipsum like starter text. It happens more than you think. What are we exposing ourselves to if we don’t create these types of pages?

Donata: Yeah, or the link doesn’t work? [crosstalk 00:08:29].

Chris Badgett: Yeah, right, yeah.

Donata: Right now as it stands, the fines can range between 2,500 per violation, which means per website visitor, to 20 million euros. I think that’s something that’s really important to remember is that those fines are per violation and they average between 2,500 to 5,000 to 7,500. Those are regardless of the size of the business. The European Union with GDPR takes into account the size of your business. In the US, they don’t when it comes to the fines themselves, if the law applies to you in the first place.

Donata: Then also I think the important thing to remember is that regardless of the fines, which obviously are horrible for small businesses, but consumers want this stuff now. There’s been a lot of studies performed where a large percentage of Americans actually care about their privacy now. That’s something that’s relatively new. It’s only happened in the last couple of years, I think since Cambridge Analytica. That’s kind of what messed up everything for the rest of us, which is great, thank you. Consumers want to see you have a privacy policy. They want to make sure that you’re not abusing their privacy rights. They use that as a purchasing decision at times. I think that’s another important thing to remember in addition to the fines.

Hans: Yeah, and then the big one for the future that people are going to look out for is what’s called private right of action, meaning that consumers in certain areas will have the right to sue businesses for not providing compliant privacy policies. That’s the big one that’s going to happen in the future, but it’s not right now. Then a lot of people think, “Well, I’m just a small business. I don’t need this.” I’m sure Donata probably has the case memorized, but even in GDPR, I forget which country, but there was like a marketing firm that was fined because they sent a text message to one person and that one person complained and they ended up getting fined.

Donata: You don’t have to have 50 million customers for it to apply to you.

Hans: Yeah, because I think everyone’s like, “Well, it’s only Facebook getting sued for millions of dollars or billions of dollars.” I’m like, well, no, it’s because that’s what the news does. It takes the biggest highlight and they highlight the big ones. They don’t talk about all the small ones that are happening on a daily basis.

Donata: Yeah. If it gives you a Google like GDPR enforcement tracker, there’s like a whole … Somebody made like a whole list of GDPR fines. I forget exactly, some law firm did it, but it’s kind of nuts to like watch it because it just has this like ticker that keeps going and going and going. There’s like 50 pages.

Hans: For like nerds like us, we like this, but we look at that stuff for you so you don’t have to.

Donata: Yeah, I don’t know who’s going to be like, “Oh man, I’m going to Google that after I listen to this.”

Chris Badgett: You never know. You never know. Like you said about the purchasing decision, I always recommend one of the first things you put on your website is Google Analytics, even before you need it. There’s a good WordPress plugin for that called MonsterInsights that helps with that, but whenever I’m watching, for example, LifterLMS.com, and I look at the Google Analytics, the real time view, I’m always amazed at how many people are looking at the privacy policy of our website. I mean, it’s just happening. I mean, typically they have to check a box as part of the GDPR thing, and there’s a link to the privacy policy so people naturally go check it out, but it does influence purchasing decision. I mean, I can just say because … We get questions about some of the nuances of our privacy policy, which we actually paid a lot of money and hired a lawyer to level up with several years ago and it was cool, but it was extremely expensive.

Hans: Yeah.

Donata: Yeah. I think there was a study done, I believe it was [Cision 00:12:23], don’t quote me on this, I forget exactly who did the study, but basically they saw that privacy concerns can delay the purchasing cycle by like weeks in a lot of companies, which is really crazy, but yeah, a lot of people look at that stuff and not just to say, “Oh, they have it.” People will actually read it now, which was something that only people like me did a couple years ago and now a lot more people do it, which I think is good. I mean, people are becoming more aware of their rights and that they do have rights online, but for small businesses it’s hard to pay $5,000 for a lawyer.

Chris Badgett: Can you talk to the jurisdiction stuff a little bit? Sometimes I hear people, they’ll make a comment like, “Well, yeah, I sell all over the world, but some European country is not going to come after me because I live in the United States.” There’s kind of like a little cavalier attitude, but like how should we think about it as global citizens? Can a European country come after me? If I do get sued or something, could it later impact when I want to go to that country? How do we think about this in this small world, international world, if we are … I think it’s kind of new for some people to feel like they have to abide by laws happening in another country. Help us grow up a little bit here.

Donata: There’s a concept in American law called sufficient nexus or sufficient connection with a particular area, right? Let’s say I take a bunch of lithium batteries and I mail them to California and I live in Illinois. Those lithium batteries end up exploding on the way and I didn’t say that I had lithium batteries even though I had to. I mean, in that particular case you wouldn’t say, “Oh, well, that’s not my problem because I’m not located in California,” right? It’s something very similar to what’s going on with these privacy laws. If you want to do business in a particular area, you have to comply with those laws, right? Just because something is totally fine where you’re located doesn’t mean that it’s not fine where you’re doing business. You can’t ignore the laws of where you’re doing business just because you’re not physically there.

Donata: Today, over the internet, you don’t have to be physically somewhere for the law to apply to you. Now, if you violate GDPR in France and you’re slapped with a $50,000 fine, I mean, I’m going to hope that if you go to France, you don’t get arrested and put in some detention center, but I mean, those fines do follow through. Those fines would still apply in that area or you could potentially be banned from doing business there. One of the things that was discussed in Facebook’s case is, because they violated GDPR they could be slapped with a fine, or they could actually be prohibited from processing the data of European Union citizens. You could be slapped with a fine or they could stop you from essentially doing business there. Is that something that you really want to play with? I personally wouldn’t.

Donata: I think that a lot of people are like, “Well, I’m not physically there, whatever.” I mean, you have to collect taxes even though you work online. You have to make sure that you’re not distributing unlawful content even though you work online. I mean, this is the exact same thing. It’s just another law that you have to follow. While it may seem a little bit daunting, it’s actually not that bad. You could just get it over with and move on and run your business like you’re supposed to instead of being constantly nervous about complaints and fines and all of that stuff. It’s easier to just be compliant.

Chris Badgett: Keep listening. This podcast is not over. This is just a special message about this episode’s sponsor, WP-Tonic managed WordPress LMS hosting. Think of it as everything you need to have a professional online course training platform right out of the box, ready to go. Find out more about WP-Tonic’s managed WordPress LMS hosting by going to LifterLikes.com/Tonic. Now back to the show.

Hans: Yeah. Just to speak my side, like whenever I hear someone saying, “Well, I’m not based in France or Germany or whatever, I’m in America so I have nothing to worry about,” my thought always is that these people are more so thinking to themselves, “I’m a risk taker. I got a budget. I can’t spend a dollar over it, and I am just going to roll the dice and hope I don’t get caught.” Hey, I’m not going to stop you, like to each his own, but at least acknowledge what you’re doing. You know that you’re going to be getting leads and business from other areas and you know you’re not going to comply with those markets.

Hans: In your mind, I think what would be best is you just admit to yourself the truth, which is that you’re rolling the dice. Good for you. Hey, I’m not going to stop you, but there are now solutions that can help you get compliant, stay compliant, and not have to roll the dice at all. You’re going to look great in front of all the prospects that are looking at your business, because you’re going to look professional in front of them, because you’re going to be providing them stuff that all the other competitors are providing them in terms of data, rights and protection.

Chris Badgett: For somebody who’s really interested and wants to level up their terms and their privacy pages and stuff, how do they … If they’re thinking about like, “Well, I don’t want to spend $5,000 on a lawyer,” like how do you guys do what you do? How is it possible to have such an affordable solution at Termageddon that gives you … It’s not just cookie cutter. People have to enter information to adjust it to what they are and it updates over time. How is it even possible to do that?

Donata: My salary is really low.

Chris Badgett: Yeah.

Hans: We’re into farming, like [crosstalk 00:18:49].

Donata: We already grow our own food.

Hans: No, on a more serious note, Donata oversees all the laws and she has people that advise to her and all that stuff. I’m sure she’ll want to speak … Actually, do you want to go ahead? That’s probably the most important one. [crosstalk 00:19:06]

Donata: Sure. Before this, I was in private practice and I wrote contract for agencies and I also wrote privacy policies and terms of service. Yeah, I would charge people for it. I’d charge really good money for it, but what I realized at the time was that for most of my clients, I was asking very similar questions and I was using very similar language. My thought behind it was you could automate it and create a technology solution that takes me and automates me, right? You would ask some questions and then certain text would go in, depending on your answers and depending on your choices, and there was a way to automate it.

Donata: The way that we’re able to do this at a reasonable price is I write everything in the back end and set everything up. Our developers develop the technology solution and then it kind of runs on its own. Then I do my own thing, which is keep up to date with the incoming privacy laws and keep up to date with the cases. When I want to change something, I can go in and change thousands of policies at once. The marriage of technology and laws, what allows it to happen in a reasonable price, there’s a lot of things that you can’t automate or you can’t make a technology solution for it in law, but I would say that for most small businesses and most websites, you can automate most of this. That’s the way that we’re able to do it.

Hans: Then an additional just note is that we also don’t touch certain industries. Websites that require HIPAA compliance, that means like doctor websites that are asking for like patient information, patient history, prescription history, stuff like that, we don’t service that group. Then we also don’t work with websites that target children under the ages of 13. That’s a whole different set of laws and we’re not getting paid enough to go deep like that.

Donata: At least not right now.

Hans: That’s right. That’s right. We’re $10 a month or $99 a year, and you get a set of policies that automatically updates. That’s an auto updating privacy policy, terms and conditions, disclaimer, which is really important for affiliates, and end user license agreement. All of those are wrapped into one package, 10 bucks a month and $99 a year. As Donata just explained, you answer a series of questions and the questions change based on how you answer other questions, and then out comes the embed code that you copy and paste onto your website.

Chris Badgett: I love that. I’ve sometimes heard this called like a tech enabled service. I think you that’s listening out there, the course creator, you know what it’s like to scale through technology. I mean, essentially you’re teaching at scale through your website or through your client’s website. If you need to go back and like tweak the content of a lesson or add a new one, it can instantly update across like all your users. It’s really the same idea, just for your website, this is what they do from the legal side, and it’s personalized to that particular … to you and where you are and how you answer the questions. I love that too, how you guys, there are certain areas where you don’t go, like with the HIPAA compliance or the kids under 13 or whatever. It’s really specific.

Chris Badgett: I mean, if you don’t have terms on your site, I would strongly recommend that you go to Termageddon.com. It is peace of mind. It helps you sleep at night. Course creators are really busy. Having that nag at the back of your mind of like, “Am I above board on the law, the legal stuff?” I mean, it’s not … This is a pretty awesome solution for that. If you’re building sites for clients, this is an incredible value add that you can just add into your package, because if you are delivering this solution to one of your clients who’s a coach or an expert selling courses of some kind, you may … Just the fact that you recommend this before they realize they need it, that’s what like great client service is about, because you know they’re going to need it eventually. Yeah, this is really cool. Donata and Hans, do you have any final just thoughts on Termageddon or just the state of privacy to kind of leave with the people before we go today?

Donata: So many thoughts.

Hans: I do. I do too, yeah. I’ll take it. I’ll take the first one then.

Donata: Okay. I know what you’re going to say.

Hans: You know what I’m going to say.

Donata: Oh, yeah, 100% [crosstalk 00:23:53].

Chris Badgett: This is like two for one. This is awesome.

Donata: No. No.

Hans: Oh, okay.

Donata: [crosstalk 00:23:56] contact forms.

Hans: I think … Oh, okay. Well, I’m going to share mine. I’m a firm believer that … I come from the web agency world and I always think about like how an SSL certificate, getting HTTPS added to your website, five years ago it was like kind of like a nice add on, but nowadays we look at websites that don’t have security as like, what are you doing? Why is this website not secure? You feel almost gross visiting it. We’re going to see that same exact experience happen with data privacy. I think five years from now it’s going to be assumed that I’m a human being, of course I can tell a company to get rid of all my data. I’m a human. Humans are more important than companies. I think we’re going to see that in our lifetime. I think that we’re going to see that within the next 5 to 10 years. I think it’s because of these privacy laws. That’s my future vision type outlook. I’m very happy about it too.

Donata: Yeah. I’d say for me, there’s a lot of confusion about what websites need a privacy policy. I’ve heard anywhere from like only websites that collect financial information need it, to only websites that are in Europe need it, and like all these misconceptions. I would say that the most important thing to remember is that a website needs a privacy policy when you’re collecting personal information on it. Personal information is stuff like name and email. If you have a contact form, you’re collecting personal information on it. If you have a newsletter sign up form, you’re collecting personal information. If you’re processing orders, like on your courses, you’re collecting personal information. That means that you would need a privacy policy. I think that’s the most important thing to remember is when you actually need one. I think by now that’s pretty much every website ever, because who has a website without a contact form?

Hans: Yeah.

Chris Badgett: Well, before you guys got to go, I love the name Termageddon. That’s spelled T-E-R-M-A-G-E-D-D-O-N.com. Go check that out. How’d you guys come up with the name? A good name, by the way. This is something that’s important for course creators because if you name your course or you’re naming your brand or whatever, that name, if it can stick, it’ll stay forever, but like the first time I heard about you guys, I don’t remember where I even heard about it, but I never forgot that name.

Donata: Nice.

Chris Badgett: It just works. What’s the history of the name Termageddon?

Hans: We we’re having a few drinks and just got to thinking about the most ridiculous name possible for it. We had an investor meeting lined up for the idea. It was all just an idea at the time. We were just like, “All right, well, what if we just told the investor we wanted a bunch of money to get a company called Termageddon started?” We were just kind of like in a troll mindset. We were like, “Let’s see if we can get an investor to give us money for it,” and he did. We presented Termageddon and he loved it.

Donata: Yeah, it’s kind of like terms and Armageddon, but [inaudible 00:26:51] Terminator, but it was already taken.

Hans: Yeah, Terminator.com was already taken.

Donata: We couldn’t afford that domain so we did Termageddon.

Chris Badgett: That’s awesome. Well, Donata and Hans, thank you so much for coming on the show. I really appreciate it. We’ll have to do it again some time. If you’re listening to this, go check out Termageddon.com. Thank you guys so much for coming.

Hans: Thank you so much.

Donata: Thank you for having us.

Chris Badgett: That’s a wrap for this episode of LMScast. I’m your guide, Chris Badgett. I hope you enjoyed the show. This show was brought to you by LifterLMS, the number one tool for creating, selling, and protecting engaging online courses, to help you get more revenue, freedom, and impact in your life. Head on over to LifterLMS.com and get the best gear for your course creator journey. Let’s build the most engaging, results-getting courses on the internet.

Exclusive Download: 2020 WordPress LMS Buyer’s Guide – Stop wasting time and money researching online course and membership site tech.

Share

Subscribe

Leave a Comment

Your email address will not be published. Required fields are marked *