Client Privacy Notice Template for the United States
Generate a bespoke document
What is a Client Privacy Notice?
The Client Privacy Notice serves as a crucial compliance document required by various U.S. privacy regulations. It provides transparency about an organization's data handling practices and informs clients about their privacy rights. The notice must address requirements from federal legislation like the GLBA and FTC Act, while also considering state-specific privacy laws such as the CCPA. Organizations should implement this document to establish trust with clients, maintain legal compliance, and demonstrate commitment to data protection principles.
About the Client Privacy Notice
A Client Privacy Notice is a comprehensive disclosure document that explains how your organization collects, uses, shares, and protects client personal information. This legal requirement serves as the foundation of your privacy compliance program, ensuring transparency with clients while meeting complex regulatory obligations across multiple jurisdictions.
When do you need this document?
You need a Client Privacy Notice when your business collects any form of personal information from clients or customers. Financial institutions must comply with GLBA requirements, while healthcare providers need HIPAA-compliant notices. E-commerce businesses, marketing agencies, and subscription services require notices under CCPA if serving California residents. Educational institutions must address FERPA requirements, and any business sending commercial emails needs CAN-SPAM compliance. The notice becomes essential before launching services, updating data practices, or expanding into new markets with different privacy requirements.
Key legal considerations
Your privacy notice must accurately reflect your actual data practices and include specific mandatory disclosures. Under GLBA, financial institutions must explain information sharing with affiliates and third parties, provide opt-out rights, and describe safeguarding measures. CCPA requires detailed explanations of personal information categories, business purposes for collection, and consumer rights including deletion and non-discrimination. The FTC Act Section 5 demands that your notice avoid deceptive practices and match your actual data handling procedures. Consider cross-border data transfers if serving international clients, as GDPR compliance may be necessary. Regular updates are crucial when business practices change, as outdated notices can trigger regulatory violations.
Legal requirements in United States
Federal privacy laws establish baseline requirements that vary by industry sector. The GLBA mandates annual privacy notices for financial institutions, with specific timing and delivery requirements. Healthcare entities must provide HIPAA notices at first service and when privacy practices change significantly. The FTC Act applies broadly, requiring all businesses to honor their stated privacy practices and avoid unfair data collection methods. State laws add complexity, with California's CCPA/CPRA requiring enhanced disclosures about data sales, automated decision-making, and sensitive personal information. The CAN-SPAM Act governs email privacy practices and requires clear identification in commercial communications. Educational institutions must comply with FERPA's strict consent and disclosure rules. Your notice must address applicable sector-specific requirements while maintaining consistency across all regulatory frameworks that apply to your business operations.
GOVERNING LAW
Applicable law
This Client Privacy Notice is drafted to comply with United States law. Key legislation includes:
CAN-SPAM Act: Federal law governing commercial email practices and marketing communications
HIPAA: Healthcare-specific privacy regulation protecting medical information
FERPA: Education sector privacy law protecting student educational records
COPPA: Federal law protecting children's privacy online for individuals under 13
FCRA: Federal law governing the collection and use of consumer credit information
Explore 208,390+ legal templates
Explore 208,390+ legal templates
Genie's Security Promise
Genie is the safest place to draft. Here's how we prioritise your privacy and security.
Your data is private:
We do not train on your data; Genie's AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it