Scottish heritage societies need to build trust among their current and potential members – especially on the internet. In April 2024, the Federal Bureau of Investigation (FBI) reported that it received 880,418 complaints with potential losses exceeding $12.5 billion, which is nearly a 10% increase in complaints and a 22% increase in losses compared to 2022.
Most websites collect information from its users through “cookies,” which are small pieces of data created by webservers that play a behind-the-scenes role in making your online experience smoother. When you visit a website, your browser sends a piece of data to the web server hosting that site. This data usually appears as strings of numbers and letters in a text file.
These cookies can contain various information:
Session cookies: Temporary cookies that expire when you close your browser. They help maintain your session (like keeping you logged in) while you navigate a website.
Persistent cookies: These stick around even after you close your browser. They remember your preferences across visits, such as language settings or personalized content.
Third-party cookies: Set by domains other than the one you’re directly interacting with. Advertisers often use these to track your behavior across different sites.
Secure cookies: Encrypted and used for sensitive data like login credentials.
While cookies are generally harmless, some people worry about privacy. Third-party cookies, in particular, can raise concerns. Modern browsers give you control over cookies. You can delete them, block specific types, or even disable them altogether.
Privacy policies inform your website users how you use cookies to collect and keep personal information. While the United States does not currently have a federal law regarding online privacy, some states are stepping in. For example, California’s Online Privacy Protection Act (CalOPPA) requires all nonprofits that interacts with its citizens to post a privacy policy on its website.
In 2018, the European Union (EU) agreed on the General Data Protection Regulation (GDPR) that aims to protect the fundamental right to privacy and the protection of the personal data of the citizens of its member nations. This regulation affects any entity (including websites) that processes EU citizens' personal data. This affects you if you have EU website visitors.
Whether or not you believe that it is a strict legal requirement, a website privacy policy demonstrates your commitment to transparency. Users appreciate knowing how their data (or lack thereof) will be handled. By having a privacy policy, you show visitors that you value their privacy, even if you don’t actively collect personal information. This can help build trust with your audience.
Sometimes, unintentional data collection occurs. For example, if you use analytics services (like Google Analytics), they might collect anonymized data about user behavior. Mentioning this in your privacy policy keeps users informed.
In September 2024, COSCA surveyed 155 working websites in its database and determined that about 35 societies (about 22%) had posted privacy policies. See the complete list below. Only four included a pop-up requesting permission to accept cookies.
Some societies provide detailed information, such as the Clan Campbell Society North America which includes 15 topics will several numbers subsections in each. Some societies detail all the type of information they collect and the purposes for which they are put, such as the Clan MacAulay Association.
Some societies such as Clan MacRae Society of Canada educate their website visitors as to the type of cookies they collect (such as Essential, Statistics, Marketing, Functional, and Preferences) and provide the specific name of the code. You can find out what cookies your website (or any other website) generates by using an online cookie detector.
You can either create your own privacy policy or use an online generator that creates a policy based on your answers to a series of questions. This is what Clan Donnachaidh Society used to create its privacy policy.
Once you have a privacy policy in place, you may want to also have an “opt in” function if you collect more than just the basic information through session or “necessary” cookies. Many website building platforms such as WordPress and hosting services such as Wix and GoDaddy allow you to add a cookie banner.
In summary, developing and posting a privacy policy on your website will help gain the trust of your current and potential members – and help your Scottish heritage society grow!
This blog was researched and written based on the request for information on website privacy policies submitted by Marsha Cain Richardson of Clan Forsyth Society USA. If you have a request for information, please send an email to COSCA@bforbes.com. Thanks!
If you are Delegate or Alternate of a COSCA Organizational Member, you can access the complete article with many more details, including the complete list (and links) of all clan and family societies privacy policies: https://www.cosca.scot/privacy-policy