Protecting Yourself from Online Privacy Lawsuits with Donata and Hans Skillrud

#14: Donata and Hans Skillrud, founders of Termageddon, share how to know when your website needs a privacy policy and what you can do to protect yourself from massive fines and lawsuits.

If you’re interested in getting an auto-updating privacy policy for your website, you can sign up for Termageddon with our affiliate link to get a special 10% discount: contentheroes.com/termageddon


Episode Transcript

Hans: Very few people realize that, you know, take New York, for example, New York is proposing a privacy law that will enable its citizens to sue businesses of any size located anywhere for simply having a contact form without a compliant privacy policy. We’re sitting here like, are we taking crazy pills? Like because we’re members of like the IAPP, the International Association of Privacy Professionals and stuff and other groups like that. And on that side, everyone’s like, what’s going on? Like this is nuts. But then in the industry, in the web industry, no one has a clue and small business owners do not have a clue about this stuff. So we realized like we have to create content because someone eventually does. So it might as well be us to try to raise awareness of what’s going on. So that’s been very important for us as education and just this is what’s happening people.

Josiah: That was Denada and Hans Skillrud, the founders of Termageddon. And in this episode we dig into how to know when your website needs a privacy policy and what do you can do to protect yourself from massive fines and lawsuits. Now, let’s be honest, you probably feel like privacy policies are the least interesting piece of content you can put on your website. And I don’t blame you there. But Denada and Hans do a great job of explaining the need for policies in a fun and approachable way and I’m glad they do because with all the new privacy laws going into effect, we can’t afford to overlook our privacy policies anymore. So if you have a website and you care at all about being protected from privacy lawsuits, definitely stay tuned for this episode. And be sure to stick around until the end to get a special deal for Content Heroes listeners. Let’s jump in.

Announcer: You’re listening to the Content Heroes podcast where entrepreneurs, marketers, and creatives share how they build profitable businesses on their own terms by creating content online. And now your host, Josiah Goff.

Josiah: Welcome to content heroes, everyone. I’m here with Donata and Hans Skillrud, founders of Termageddon. And I’m really excited about this conversation. Thanks so much for being on the show you guys.

Donata: Hey, thank you so much for having us.

Hans: Absolutely. Thank you so much.

Josiah: So let’s start with the backstory of Termageddon and why you started a company about online privacy policies.

Donata: Sure. Hans, do you want to take this one?

Hans: Sure, yeah, so this is Hans speaking. I am the former owner of a 12 person web agency in downtown Chicago. We created websites for seven years. And at the time I happen to be dating this girl who is a privacy attorney by the name of Donata. And we were dating and I was just kind of sharing my frustrations over dinner one night just saying oh, it’s so weird that companies don’t know what to do for privacy policy and may ask a web agency what they should do for one. And I just talked about how bizarre that is, but that’s just how it works. And Donata was sharing, how you know she writes privacy policies for living. She’s a privacy attorney. And how monotonous they can get to be because it’s very often the same questions. And then based off how the user answer certain questions, other questions either appear or disappear. And from there we came up with the idea of Termageddon and we gave it the name term again because well we thought data privacy is probably the most boring thing on earth. So let’s have a name that’s not.

Josiah: I love it.

Hans: So yeah, that’s how it all came together.

Donata: Yup.

Josiah: Cool. So when you started this, what, you know, you made the decision to jump in, what did that look like? What were the kind of the beginning phases of the company?

Donata: So we basically got a quote for what the software application would look like and we spoke to a few people and got investments and I started writing everything out and planning everything out. And yeah, that’s just kinda how it started.

Hans: Yeah, a micro business plan and just kind of like a, Hey we think this could be cool and we think we can start it off like at a reasonable price point to see if it can happen. And we actually create a Termageddon before even GDPR was a thing. So this, Termageddon was being discussed in 2016, I believe. And yeah, it was kind of always just the backburner project though, me running an agency and Donata you know, heading council for big firms like well it just was always a backburner project. But at the beginning of 2019 after GDPR where we definitely saw an uptick, but in 2019 with more and more States adding privacy, proposed privacy laws, we started to see like real traction. So yeah, we made, I made the very difficult decision to sell my agency and go full time Termageddon. And shortly after Donata joined. So we’ve been doing it now for a little over eight months full-time. Although it’s been in the works for over three years.

Josiah: That’s fantastic. So what has been your primary strategy for growth? I know the content has been a core piece of that.

Donata: Yeah, it really has. So we do a couple of different things for customer acquisition. One of our main strategies is partnering with agencies. So we give agencies a free license and if they like it they can refer or resell us to their clients. And then another really big piece of our growth has been due to content. So we really focus a lot on education. Not a lot of people know about their privacy obligations when they have a website. Not a lot of people know that they need a terms of service and what those policies for websites are and what’s going on with the privacy laws and privacy bills in the US. So education is a huge part of our strategy and it drives most of the traffic to our site.

Hans: And just to echo that, you know with web agencies for example, they get a free set of policies and like we write guest blog posts for their own agency website. Discussing these privacy laws, these proposed privacy bills. Very few people realize that, you know, take New York, for example, New York is proposing a privacy law that will enable its citizens to sue businesses of any size located anywhere for simply having a contact form without a compliant privacy policy. So, you know, this is something that like we’re sitting here like are we taking crazy pills? Like because we’re members of like the IAPP, the International Association of Privacy Professionals and other groups like that. And on that side, everyone’s like, what’s going on? Like this is nuts. But then on in the industry in the web industry, no one has a clue and small business owners do not have a clue about this stuff. So we realized like we have to create content because someone eventually does. So it might as well be us to try to raise awareness of what’s going on. So that’s been very important for us, as education and just this is what’s happening people.

Josiah: That’s great! So what’s been your approach in the content creation process? How do you get people’s attention and get them interested in a subject that most people don’t really want to think about?

Hans: Well, I would return and ask you the question, are we talking about how do we get like publishers of content to listen to us about our proposed copy? Or are you saying, how do we get someone who’s landed on the page to actually read it?

Josiah: Well, both.

Hans: Okay. Yeah. So Donata has been instrumental with both. I can speak for you or you could just, we could hear it right

Donata: I guess.

Hans: the direct source.

Donata: right from the horses mouth. Yeah. Well, for us we kind of do a couple of different things in terms of content. So one of the things that we do is we’ll write blog posts on our agency partners websites. So whenever we have a new agency partner that signs up, Hans we’ll offer them, you know, if you’re not sure how to communicate the importance of privacy policies to your clients, we can write a blog post for you. And usually they’re, you know, just interested in that and we present them with a couple topic ideas and they can choose from those topic ideas. So most of the time they’ll choose like, why does my website need a privacy policy? Right? In terms of other publications. So I’m a member of the Illinois State Bar Association, corporate law council. So we have like periodically we’ll send out newsletters and like write articles and stuff to all of the attorneys who are part of the Illinois Bar Association in our state. So basically for them you submit your article idea and then they will either approve or disapprove it. So for that one we try to make sure that it’s new topics or things that are just coming out that are particular interest attorneys, the International Association of Privacy Professionals as well. I have a contact there and if I have a good article that I’ve written, I’ve send it to him and he’ll publish it on their resources page. Same thing with like the American Bar Association, but mostly we try to make sure that we’re talking about topics that are relevant to our audience. So if we’re writing an article for a website that appeals to marketing professionals, I’m not going to pitch an article about like, you know, using contracts to process data under GDPR because that’s like really boring and really technical. So we try to do topics that are a little bit more relevant to them or a little bit more interesting to talk about. So it’s all about knowing your audience and like who you want to talk to.

Hans: And just, you know, there is one area that I think is worth discussing cause not just discuss two spectrums, the agency side where web agencies get a free set of policies and we write a guest blog posts for them. And then on the other side, which is with a bunch of other lawyers, well, there’s this middle ground web-hosting companies. Web-hosting companies are very often I would say all of them are offering blogs and content and copy to, you know, to bring users to their host provider for them to come off as thought leaders in the space. Well, every single hosting company in the world that is focused on making business happen, it is focused on messaging the importance of security. That is a huge talking point that these hosting companies have security, security, security because that’s an expectation from the consumer. Well, security we realize is not that far away from data privacy compliance. In fact, some might even say like under the security umbrella, that’s where privacy compliance is located. Security, meaning protection, you know, protection from fines, lawsuits, all that stuff. So once we realized that, we then had an angle to come into these hosting companies and be like, look, we see you talking about security and the importance of it. Like you know, I don’t know if you have any plans, but I didn’t notice any articles talking about the California Consumer Privacy Act, which is hitting in 14 days. You know, do you have any plans to release something or could we work with you on getting something up? And nine times out of 10 they are like, yeah, we don’t have a privacy attorney on staff. We have no idea what this is about and we would love to talk to you. And it’s a topic that no one wants to talk about except us. So that’s really nice because it allows for many opportunities to exist to write copy.

Josiah: That’s fantastic. What I love about that is your approach to content is not just so it’s like a win, win, win, right? So you are providing valuable content to the end user, to the people reading it. You’re providing a valuable service to the person who’s publishing the content by giving them valuable content that their customers will love them for and we’ll help them. And then you’re also putting out content that gets people to know, like, and trust you and come back in. And if they want your help, they will become a customer. So that’s fantastic. I love it.

Hans: Awesome. Cool. Cool. And Donata has also done a great job. You’ll see in Termageddon blogs, like you know, we tried to start off every single blog with like an opening paragraph that is super lighthearted, probably sarcastic. You’re going to laugh like, and then like just a real, real like deep meme, like a meme. Like, and it’s talking about something funny. So like start every article she writes starts off with some lighthearted and fun and you know, you might be thinking, well this is about data privacy, so it needs to be serious, you know, but as you scroll down you’ll realize, okay, this person clearly has their stuff together. Like they’re writing really good copy here and everything like that. But we like to say, Hey, before you dive deep, here’s a little joke. You know, to keep things lighthearted.

Donata: I mean you kind of have to do that, right? Because there’s so much content out there, you have to make sure that yours is different. So whether you make it funny, whether it’s a topic that not that people are talking about Or it’s a topic that people have a lot of questions about, it kind of has to stand out from the usual crowd of things because you know everybody’s writing stuff now. So it’s all about how are you going to make yours more interesting or more appealing to people.

Josiah: Yeah, exactly. So I’m really curious, what are some of the big things that content creators, online content creators need to know right now about online privacy and how, if or how they might be vulnerable?

Donata: Yes, definitely. So I think the first thing that most people have a question about is, does my website need a privacy policy? Right? There’s so many misconceptions going on about that. Like I only need one if I’m processing payments or I only need one if I’m a doctor. But the reality of it is you need one if you have a contact form. So if you’re collecting personal information, so personal information would be like name and email. If you’re collecting that, that’s when you need a contact form. So if you have like an email newsletter sign up form, you need one as well.

Hans: or comments are.

Donata: or yeah, or a comments area for sure. And the thing right now is there’s a few laws that govern the collection of personal information online. There’s a law in Nevada, there’s a couple laws in California, and there’s law in Europe, which is GDPR, which like everyone has heard about. And another big misconception that people have is that you know, if their business is not located in Nevada or California or Europe, they’re fine. And unfortunately that’s not the case. So all of these laws were created to protect the consumers located in that state. So the laws have a very broad application. So, for example, in Nevada’s law, you need it if you have any transactions with Nevada consumers, California’s law, which was passed in 2003 I believe that one applies to you if you collect the personal information of California consumers. So if you get a submission on your contact form from somebody in California, that means you need a privacy policy. And what else is really interesting is that a lot of these things are changing now. So a couple of years back, nobody really cared about privacy. It was really just kind of like, you know a few guys in tinfoil hats, they really cared about it and that’s really not the case anymore. So Cambridge Analytica, which I’m sure everybody has heard of has pretty much ruined the internet for everybody else. And what’s funny is as part of my job, I read these laws, which sounds like really boring, but it’s actually pretty interesting. And like 90% of these laws name Cambridge Analytica by name as like the reason why they were passed. So there’s about eight States right now that are proposing their own privacy bills and all of those bills are slightly different, but what is very common amongst them is that they require websites that collect personal information to have a privacy policy. And they, each have different disclosures that need to be made in the privacy policy. And it’s my full-time job to keep track of all of those changes. And we have a state privacy bill tracker on our website and I have to change it like once per month. So there’s a lot going on with privacy right now. There’s a lot of changes and there’s a lot of things to keep on top of. But I think the most important thing to remember is that if you’re collecting personal information on your website, you should get a privacy policy.

Josiah: And so that’s pretty much everyone because if you have a website, you’re probably wanting to grow your audience, which means you want their email address, which means, yeah, you need a privacy policy.

Hans: Yeah. Email definition is personal information. There isn’t any defini–, there’s no interpretation of that one. That’s personal information by definition. The other thing I was just going to throw out real quick is that content creators may be inclined to write their own privacy policy. They’re already writing copy, great copy. Why not just write the privacy policy and look, I’m not going to stop you if you think that that’s a good idea, best of luck, but my two cents here are that even if you write the perfect privacy policy today somehow, even if you wrote that today, how are you going to stay up to date with when new privacy laws are introduced that you’re going to need to comply with? Who is going to read and interpret those laws? That would be my challenging thought to anyone who’s thinking I’m going to go copy and paste a privacy policy or use, you know, make my own. That’s the concern I see for people in this industry is that I think back in the day really people didn’t value privacy law or privacy policies for that matter. So they kinda just piecemealed it together and I think come five years from now we’re going to look at that habit or look at that behavior is like absurd. We’re going to be like, wait, so you would just like use like copy and paste whatever you found because five years from now people are going to be sued. They’re going to be fine like left and right and I, yeah, so that would be my two cents. It’s like really think twice before you copy and paste a privacy policy because not only are the odds against you that it’s going to be like actually coherent with your actual website in terms of what it collects, what, who you share with blah blah blah. But also what is your strategy to keep it up to date when the laws change? So

Donata: Yeah, and I think like before when there weren’t that many laws and that many regulations, like you could write something being like this is the information I collect, this is what I do with it, this is who I share it with. But right now there’s so many specific requirements. Like for example, the California law, which goes to effect, January 1st has a requirement that some businesses have a toll-free phone number for people to exercise their rights. And if you haven’t read the law before you wrote the copy, you wouldn’t know that. So I think there’s a lot of these pitfalls right now because these laws are so specific as to what the disclosures are and that it’s really easy to miss. So

Josiah: One of the things that’s been kind of confusing for me is the difference between like the privacy policy, the terms and condition, the disclaimer. There’s lots of things you can put on your website. Can you talk a bit about the purposes of those and how they help the website owners?

Donata: Sure. So the privacy policy in general will disclose what information you collect, who you share that information with, and what you do with that information. It obviously has a lot more disclosures in that. But that’s kind of the gist of what a privacy policy is. And the purpose of that policy is to inform users what happens to their data when they use your website. A terms of service is more like the rules of using your website. So for example, who can create accounts? What are refunds? What are your cancellations policy? You know, what are you liable for? Do you have links to third party websites? Stuff like that. And disclaimer is generally a more like a limitation of your liability. So for example, if anybody remembers those nineties like exercise videos and at the very beginning it was like if you feel like you’re going to die, stop, that’s a disclaimer. It helps protect you in case something goes wrong. So those are really the differences between those.

Josiah: Okay, cool. And how does copyright fit in with all those?

Donata: So copyright comes in when you’re doing your website or you’re writing articles, you could potentially take an image that doesn’t belong to you or that you don’t have the rights to. You could get sued for copyright infringement in those cases. But in your terms of service, if you write it up correctly, you might be able to place yourself in a safe harbor under the Digital Millennium Copyright Act. And the DMCA allows you to say, okay, if you think that I’ve infringed on your intellectual property or like your copyrights, contact me here instead of suing me and we’ll resolve it that way. So the terms of service has that included if you, obviously if you write it up and that would help protect you from copyright infringement claims. And then I think also for content creators it’s important to mention affiliate links. So if you’re writing copy for you know, a company or if you have an article about something and then you include an affiliate link, you should have a disclaimer that says, you know, we use affiliate links here and we get paid for, you know, whenever you purchase something through the affiliate program. And that’s actually required by most affiliate programs out there that you can use is to disclose that in the disclaimer.

Josiah: Great. That’s really helpful. I know that Hans you’ve probably run into this so many times running an agency, but I know I’ve seen it so many times too in my agency at Indigo where the privacy policy is like it’s an afterthought, right? We’ve got to get this website up, you know, we’ve gotta, you know, get this content out. Oh wait, we need a privacy policy? Okay. People do exactly what you said. They’ll usually like go copy and paste. If they have resources, they may hire a lawyer to, you know, create one for them and then they put that on their website. But even that sounds like what you’re saying is like you need to have a strategy for keeping that up to date. And so it’s gotten way, what I’m hearing from you is it’s just gotten way more complex in the past few years than it’s ever been. And there are steps that need to be taken on a regular basis to make sure that we, as content creators are protected and that we’re also in good faith. You know, protecting the information of our audience and our customers that, you know, we having something in place says, hey, you know, there’s no question around, you know, what we will and won’t do with the data that we collect and you know, you can trust us. And so I’m so glad we’re having this conversation because now I’m learning a ton just by talking with you guys. Cause there’s so much that I don’t know about this as well. So yeah, this is great. So what are some solutions or some resources that people listening can use to start better protecting themselves with privacy policies and terms policies and all of that?

Donata: Totally. Yeah, I think there’s some different ideas that people can use in different solutions. So they could hire an attorney if they wanted to, but you would have to make sure that they’re, they specialize in privacy, you know, to write those policies up for you. You would also have to ask them, you know, what do you do when the laws change? So they’ll tell you that’s kinda your problem now. Or I’ll send you an email and I will update you and this is the cost or you know, there is no cost. I think people can also use generators. That’s one of the solutions that we provide, which is basically you go in, you answer a few questions about your website and then it generates a policy for you. If you do want to try to write it yourself and learn all of these things yourself, I would definitely recommend that you check out the International Association of Privacy Professionals, which is iapp.org and they have some resources about like what new laws are coming out and what they mean. So that’s something to look out for to.

Josiah: Awesome. So let’s talk about Termageddon. Because when I put this on my agency’s website, I was really impressed with how easy it was. Like it literally took me less than five minutes to get a privacy policy in place, terms and condition, disclaimer. And I put it in my website, I didn’t have to think about it. So can you share with everyone listening how Termageddon works and the problem that you’re solving?

Hans: Yeah, absolutely. So Termageddon is a privacy policy generator that automatically updates your policies when the laws change. So for $99 a year you get a privacy policy, terms and conditions, and disclaimer, we even have other documents too. But those are the three main ones for today’s conversation. And what’s special about it is that through our dashboard, you answer some questions and rather than it’s spitting out copy, it actually spits out an embed code and that’s what you copy and paste into the body of your privacy policy page, for example. And whenever someone visits the page, boom, there’s the respect of privacy policy. But what’s cool about it, because it’s an embed code, it’s actually copy that’s coming from Termageddon server, meaning that we can push updates automatically to it whenever the laws change. We’ll notify you by email as well, letting you know what’s happening. Maybe there’s an additional question need to answer for a particularly new law, but that’s how we work. We’re $99 a year. It takes usually about 15 minutes to answer the questions and to set up your policies and get them onto your website. But then from there on out, you know, we’re monitoring the privacy laws for you, notifying you when additional questions need to be answered or when updates are being pushed automatically. So, yeah, that’s what we do.

Josiah: Yeah, I love it. One of the things that we’ve talked a lot about on the show is, you know, one of the ways that we, as content creators, and I mean number one is burnout, right? And one of the fastest ways to burn out is to try to do everything yourself. And do all of the stuff that, especially all the little things that is just not in your wheelhouse and the, you know, the people that are in it for the long haul who really succeed over time and grow a thriving business. They have shifted their mindset to thinking like a CEO and what can I offload? Like how can I delegate or outsource the things that are not my unique contributions to this business so that I can stay energized, you know, stay leading the company or you know, creating the content and continue to do that day in and day out without getting burned out. And how can I get everything else off of my plate? And so I love that you guys have created just this really elegant, simple solution that takes care of something that would, if you tried to do it yourself, you can if you want to, but it would just be one of those things that would, would not be worth it.

Hans: It technically could give yourself surgery, too. I mean it’s just like, it’s not advised, you know, advisable. So no, I really appreciate that. And, and you’re right, I agree with that outlook as we both discussed, we are both agency owners. Like that was something that fundamentally shifted me as an individual was when I realized, okay, I can create standard operating procedures and have staff do things that I need them to do to grow my agency. Like it’s the same concept is like, all right, like let experts be experts and turns out like you can be so much more profitable or successful by realizing instead of spreading yourself too thin, where that never is a good strategy at all. Even in board games, like not in risk, at least. Never do it. You know, you want to delegate appropriately. So, yeah, I really appreciate that. Yeah, it’s really cool.

Josiah: Cool. Well, Donata, Hans, I really appreciate you being on the show today. I’ve learned a ton. I know our audience has as well. Before we hop off here, can you share where people can find you online and learn more about Termageddon?

Donata: Yeah, so we’re on any social media like Twitter, Facebook, Instagram, LinkedIn, just @Termageddon, and there’s going to be a link to our website in the description too.

Hans: Cool. And users will actually be able to get 10% off their first order by visiting a website URL, right, Josiah?

Josiah: Yeah, so that’ll be contentheroes.com/termageddon.

Hans: Cool. And Termageddon is like Term-aged-don, so T-E-R-M-A-G-E-D-D-O-N.

Josiah: Awesome. Thanks again for being on the show.

Hans: Hey, thank you so much.

Josiah: Thanks for listening to the Content Heroes podcast. As I mentioned earlier, we have a special deal just for you. If you’re interested in using Termageddon to get auto-updating policies for your website, go to contentheroes.com/termageddon and receive a 10% off on your first purchase of any plan. Now, full disclosure, this is an affiliate link and we do get a small commission at no extra cost to you if you sign up using our link. But even if we didn’t, I would still 100% recommend using Termageddon. It really is the easiest policy generator I’ve tried and it’s one of the quickest ways to get peace of mind from your website. Once again, visit contentheroes.com/termageddon, that’s T-E-R-M-A-G-E-D-D-O-N for 10% off discount and get a privacy policy for your website in less than 10 minutes.

Don't Miss Out!

Subscribe to our email list and get weekly notifications of new episodes, as well as helpful tips and recommended resources for online content creators.

No thanks, I've already subscribed
Share via
Copy link