Privacy Policy for Landing Pages and Squeeze Pages

Last updated on 29 August 2019 by Jennifer Laird
Privacy Policy for Landing Pages and Squeeze Pages

If your website has a landing page for marketing purposes, or if you capture data from people who visit your site, then you are legally required to post a Privacy Policy on your page. Why? Because the Privacy Policy explains to visitors what information they share with you, and what happens to it.

Like your homepage, the landing page is a main point of entry to your website, which means it's the first page that visitors see when they click on a link through Google. Visitors should be able to access your Privacy Policy before they decide to proceed any further.

Let's consider Privacy Policies in more detail and see why they are so important for landing and squeeze pages.


The Privacy Policy

So, you run a website and you're getting traffic. Does this mean you automatically need to publish a Privacy Policy? Not necessarily, but it's so useful that every website should have one. Virtually every website you visit will have a Privacy Policy available to visitors, even if it's just a brief disclaimer.

Put simply, the Privacy Policy should tell visitors:

  • What information you collect when they browse your website
  • How you store and safeguard the information
  • How you process (or use) their information
  • Who you share their information with - for example, marketing partners and third parties
  • What rights the visitors have to delete their information from your system

If a visitor gives you their personal information, such as a name, their email address, or their age, then they are legally entitled to know what happens to this information, where you store it, and how they can revoke their consent for your use of it.

To understand how Privacy Policies operate for landing pages, it's necessary to know where the legal responsibilities come from in the first place.

Privacy Policies and the Law

Privacy Policies and the Law

It's no secret that data protection and privacy security are big issues these days. The main laws affecting Privacy Policies and data protection are:

  • The General Data Protection Regulation (GDPR)
  • The Personal Information Protection and Electronic Documents Act (PIPEDA)
  • The California Online Privacy Protection Act (CalOPPA)

Combined, these policies have completely overhauled how businesses collect, manage, and share personal information from their online visitors.

General Data Protection Regulation (GDPR)

The GDPR is an EU regulation that strictly controls how businesses process and handle personal data. It applies to:

  • Businesses with a commercial element; so, any business selling goods or services to people in the EU
  • Businesses capturing data of people in the EU for behavioral monitoring purposes

Personal data is, essentially, any information that could be used to identify an individual such as an address, email address, name, or date of birth. So, if you're capturing this data from visitors who land on your site from the EU, you need to abide by the GDPR.

Specifically, you must give visitors control over cookies.

Websites often want to install 'cookies' on a user's computer because this helps the business identify the user's browsing patterns and show them targeted marketing. With the GDPR, however, visitors must give their express consent to you placing cookies onto their devices, and they have the right to reject your marketing cookies or opt out even after consenting.

You can include your policy on cookies in your Privacy Policy, or you can draft a short separate Cookie Policy for visitors to access.

Personal Information Protection and Electronic Documents Act (PIPEDA)

If you run a business that operates in Canada, or if you have Canadian visitors, then PIPEDA affects your operations.

PIPEDA is really similar to the GDPR. It determines what personal information you may capture from visitors, and what consents you need from anyone before you collect or store this information.

The basic principle is that businesses can only collect, process, share, and store personal data in a reasonable way - for example, you wouldn't capture someone's home address simply to share an online newsletter.

As with the GDPR, PIPEDA is designed to give control back to site visitors and protect their personal information in a rapidly digitalising world.

California Online Privacy Protection Act (CalOPPA)

The CalOPPA is one of the most rigorous data protection policies in the United States, which means you must be aware of how it potentially affects your marketing strategies.

Like PIPEDA and the GDPR, CalOPPA determines what information visitors share with you, and what rights you have to handle, share, or process this data.

CalOPPA applies to online service operators, website operators, and mobile app operators who collect personal data from Californians. No matter where your business is located, if your site receives California visitors, you must abide by CalOPPA.

Just like the other privacy acts, CalOPPA applies to commercial websites; so, anyone selling goods or services to Californians.

So, where does the landing page come into all this?

The Landing Page

The Landing Page

A landing page is a crucial marketing tool for any business. It tells visitors that you'll give them information in exchange for some basic contact details. The landing page is, then, a tool for capturing leads.

The aim is to convert visitors into paying customers, but this often doesn't happen on a first engagement. There may be a few steps that the typical visitor takes before they commit to paying money for, say, a course or a membership. Perhaps, for example, you want visitors to download a brief eBook, or you hope to encourage them to join your online community.

Here's an example from a commercial website, Casper Sleep. If someone's buying something expensive like a mattress, they typically want to learn as much as they can before committing to a purchase. Casper knows this and includes various landing pages throughout its site to take visitors from the curiosity stage to the purchase:

Casper Sleep landing page example

The Privacy Policy is available to view from the homepage footer, meaning visitors can know what data Casper collects from them as soon as arriving on the website.

Casper Sleep website footer with links

What's important is that visitors can stop browsing the site at this point if they don't want Casper to collect any data.

We'll consider how landing pages are affected by the Privacy Policy shortly, but let's look at a squeeze page, too.

Squeeze Pages

Squeeze Pages

A squeeze page is a special type of landing page. It's generally much shorter and less detailed, because it serves a specific purpose - capturing email addresses.

Squeeze pages often have a sense of urgency about them. They aren't designed to give visitors lots of information or detailed advice. Instead, they 'squeeze' information from a visitor and attempt to convert them into a lead right away.

When would a business use squeeze pages? More often than not, businesses use them to encourage newsletter signup, eBook download, or course enrollment. You might be wondering how they work, because we don't typically want to give their email addresses to every site we visit.

Squeeze pages work because the visitor generally gets the key information about the business and its offerings elsewhere. When the visitor lands on the page, they're already close to converting from lead into consumer.

Here's an example from personal trainer Bret Contreras. The moment you click on the homepage, a window pops up asking users to supply their contact information for access to a newsletter and a free eBook. Also known as the 'Glute Guy,' visitors typically visit Bret's site looking for more information about his well-known glute-building programs:

Bret Contreras newsletter and ebook sign-up form - Squeeze page

What's clear is that squeeze pages typically work best when the expected visitor traffic is already engaged with the content creator. They work less well when visitors land on a site completely out of the blue with no prior knowledge of the content.

Why Businesses Use Landing Pages and Squeeze Pages

Landing pages are, essentially, the first place a visitor lands when they click a link on your website, or when they click through to your homepage from Google. A squeeze page is a condensed and more specific type of landing page.

Businesses use these pages primarily to:

  • Convert web traffic in a specific way that benefits the business, e.g. converting them to paying customers
  • Promote their unique services
  • Capture data and build their customer base
  • Build their Search Engine Optimization (SEO) by using the right keywords and key phrases which potential visitors frequently search for through Google
  • Catch a visitor's attention and keep them engaged with the website
  • Attract a wide range of customers by including varied landing pages each focusing on different services

Although data storage and capture is strictly regulated these days, it's still a vital marketing tool, which is why businesses will continue to use landing and squeeze pages.

Landing Pages and Privacy Policies

Landing Pages and Privacy Policies

Your Privacy Policy should be available before anyone provides information on a landing page.

It's a good idea to draw attention to the Privacy Policy the moment a visitor clicks on a website for the first time. Use a checkbox or pop-up notification which visitors must engage with so you're clear that they consent to your Policy. Women's Best uses this technique:

Women's Best Cookie and Privacy notice

Now, if the visitor engages with any specific landing pages, they've had the opportunity to browse the Privacy Policy first. Once you click 'Got it!' the Privacy Policy is still available to view from the footer of every page:

Women's best website: Footer Service links

Let's take a look at some more examples of how Privacy Policies work with landing pages.

Newsletter and Email Signup

A great way to boost user engagement is by having them sign up to your newsletter or your promotional emails.

Medium, for example, has an email subscription link embedded in the center of its homepage. This makes it really easy for visitors to receive more of the content they love directly to their inbox:

Medium email newsletter sign-up form

Medium is capturing personal data here (email addresses), and so it must be possible to view the company's Privacy Policy to see what it collects and how it uses what it collects. Medium uses a scrolling bar which includes a link to its Privacy Policy. This bar stays visible as you scroll up and down the page, meaning you can click on the Privacy Policy before sharing your email address.

Let's look at Medium's Privacy Policy. The Policy explains why the business tracks information from site visitors. In this case, it's to improve functionality:

Medium Privacy Policy: Excerpt of clause about Information We Collect and How We Use it

Medium makes it clear that if someone signs up for the newsletter, that person can opt out of this at any time and Medium will remove the user's data. Clear instructions and a link are provided as well:

Medium Privacy Policy: Email from Medium opt-out clause

It's also possible to request what information Medium stores about you as a site visitor. This complies with existing international data protection law such as the GDPR:

Medium Privacy Policy: Excerpt of Rights of Data Subjects clause

These clauses all work together to keep users informed about what happens with data collected on a landing or squeeze page and what rights and options users have for all of this.

Memberships and Subscriptions

Here's another example. Netflix relies on a subscription model. Unsurprisingly, it frequently runs free trial promotions to attract new leads. The Privacy Statement can be viewed from this homepage. It's also viewable as you click through the trial setup process:

Netflix sign-up screen with Privacy Statement link highlighted

Netflix ensures that consumers can check the Privacy Statement easily at any and every step of sign-up. It clarifies that it collects both data customers supply to them, and data collected from cookies:

Netflix Privacy Statement: Excerpt of Collection of Information clause

Netflix makes it very clear that it shares the data it collects with other service providers so that users can access their subscription packages:

Netflix Privacy Statement: Excerpt of Disclosure of Information clause

As we can see, specificity is very important when it comes to Privacy Policies and data collected from landing pages. Customers have a right to know precisely why they're supplying the data and what will potentially happen with it if they do so.

Free Trials

Just like with Netflix subscriptions, users often want to try something before they buy and businesses know this. Free trials are a great way to attract customers.

MegSquats, a professional powerlifter who runs a training program called Strong Strong Friends, offers free fitness guides to anyone who subscribes to her newsletter. This is a great way to build your marketing reach and build trust with potential clients and consumers:

Strong Strong Friends email newsletter sign-up form

The Privacy Policy is strategically placed just below this capture section in the website footer so users can view it before they release any personal information:

Strong Strong Friends website footer with links

This Privacy Policy contains clauses similar to those above and it also includes a clause relating to Shopify. Shopify hosts the brand's e-commerce facilities. The brand explains what data is shared with Shopify, and how it's stored. Why? Because you, as the main business owner, are liable for what happens to this data when it's transferred to another provider (Shopify):

Strong Strong Friends Privacy Policy: Shopify clause

When you collect data from users via your squeeze or landing pages (or anywhere else) and share it with third parties, you need to at least note this as Netflix does. To be even more thorough, you can get into specific third parties and their roles with the data, as in the Shopify clause above.

Mobile Apps

You can also use landing pages to encourage visitors to download your app, such as a workout app. This is the strategy adopted by personal trainer, Katie Crewe. There's the option to download the app right from the homepage, which motivates customers to get started right away:

Katie Crewe: Ultimate Gym Guide - Learn More prompt

As you'll notice, the landing page isn't necessary the homepage - although, it's a good idea to use the homepage as one of your landing pages.

When you click to download the app, you're taken through to a download page. Here, there's an option to view the Privacy Policy before you make any commitments:

Fitplan App download page: Footer links

The key takeaway is this: Wherever you place your Privacy Policy, it must be visible and easy for visitors to view before any data collection or exchange takes place. If you want to collect data or install cookies from the moment a visitor lands on the homepage, you must give the visitor the opportunity to learn about what this means for them and make an informed decision about whether to continue with this.

You can provide links to the Privacy Policy wherever you feel it's relevant, but we suggest making sure it's obvious anywhere that there's a landing page or an opportunity for consumers to share data.

Conclusion

Remember, the Privacy Policy isn't optional for the most part. It's a legal requirement if you store, collect, process, or transfer personal information from site visitors, whether you install cookies on their device or the customer shares data with you.

The bottom line is that you can't collect legally data from site visitors without also including a Privacy Policy.

What's important is that visitors:

  • Know there's a Privacy Policy available
  • Understand why the information they provide is required for the services you offer
  • Know how you store and analyze this information
  • Can opt in or opt out of cookies and marketing preferences
  • Can revoke their consent to data storage at any time
  • Understand how their data is secured

Whether you collect data from a landing page or a squeeze page, or you simply want to use cookies from the moment the user lands on your homepage, no data capturing website is complete without a Privacy Policy.

Article categories
Jennifer Laird

Legal writer.