Privacy Policies

Privacy Policy Lawyer + Data Use Attorney

A privacy policy is a legal notification that sets forth information collection, use and disposal practices.  If you collect personal information from website visitors, you must have privacy policy. In fact, some states have enacted privacy notice laws that require operators of websites and online services to post a notice regarding their privacy practices.

Generally speaking, privacy notices should be clearly and conspicuously displayed.  Hinch Newman regularly assists clients with the development of robust and legally compliant privacy policies that set forth, without limitation, the type of information, collected, how it used, who it is shared with, whether users have the ability to review and request changes to collected data and third-party collection practices.

Consumer Protection Requirements

The Internet provides unprecedented opportunities for the collection, processing and sharing of information from and about consumers.  As rapid changes in information technology have created an array of new means to collect and use personal information, the risks of abuse of such information have risen exponentially.

Data privacy and security issues are more critical now than ever before.  Every company should have a fully compliance privacy policy that compliance with myriad related consumer protection requirements.

In the context of eCommerce, legislatures, regulators and courts worldwide have responded with new restrictions on the maintenance and management of personal information.  Every Internet-based business website that collects information from end-users must tailor a compliant privacy policy that provides specific information regarding its use, retention, protection, disclosure and data collection processes pertaining to consumer information. Commercial website operators should be prepared to live with the commitments they make.

We provide strategic advice on the full range of domestic privacy and security laws affecting Internet marketing and eCommerce, including protocols that secure your data platform to ensure the safety of consumer information. 

The firm provides strategic counsel with respect to applicable state, federal and international privacy and security laws and regulations, including, but not limited to:

  • Children’s Online Privacy Protection Act (COPPA)
  • Telemarketing Sales Rule
  • Telephone Consumer Protection Act
  • Do Not Call registry (DNC)
  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (2018)
  • Vermont Data Broker Legislation
  • Do Not Track and Google Analytics Advertising Disclosures
  • Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act)
  • Gramm-Leach-Bliley Act (GLB Act)
  • Health Insurance Portability and Accountability Act (HIPPA)

For guidance regarding online privacy issues, Hinch Newman can provide experienced counsel pertaining to the use of emerging technologies that can enable a company to comply with these obligations without sacrificing its ability to compete in a marketplace where personal information has great value

Inaccurate Privacy Policies are Legally Actionable

Misleading privacy and security promises are considered an unfair and deceptive trade practice.  Website operators that fail to implement accurate and legally compliant privacy policies are exposed to liability from regulatory enforcement actions and private plaintiffs.

Lawful and accurate privacy disclosures are just part of the privacy puzzle.  The Federal Trade Commission, for example, requires that businesses provide reasonable security for personal information.  

Professionally drafted and enforceable privacy policies are crucial for a number of reasons.  Not only are they often legally required to begin with, if done improperly allegations that data use practices have been misrepresented or are otherwise not in compliance with applicable legal regulatory requirements can follow.  Consumers expect all businesses – from brick-and-mortar to innovative tech giants – to accurately disclose their privacy practices and live up to their privacy and security promises whether they store consumers’ personal information on their own systems or in third-party cloud services.

Please contact us at (212) 756-8777, via email to or via our Online Case Submission Form.    

Please contact us at (212) 756-8777, via email to or via our Online Case Submission Form.