How to Create a Privacy Policy

by Tori Johnson on September 2, 2010

Any business that collects personal customer data on their website  for any kind of processing should develop a privacy policy statement. Why go through the trouble of contacting a lawyer or a security company that specializes in private policy creation?

  • Because a privacy policy statement creates trust between a company, website and customers which can mean an increase in sales.
  • Because, depending on the reason that the data is collected,  displaying a  privacy policy is  legally required.

Things to do to create a  privacy policy

First things first,before developing a privacy policy statement carefully analyze the personal data you collect (or wish to collect).

  • Make certain that you thoroughly understand how the customer data that you collect is processed.
  • Check to see if the processing of that data is controlled by any city, state or federal law. For example:
    • The state of California requires that a policy statement be posted by all websites collecting personal data about California Residents.
    • Policy Statements are legally required for those businesses  processing medical data.
    • Check  merchant  or advertising companies requirements.

For example:

  • Credit processing or advertising companies may require you to include certain language in your private policy statement.
  • Google requires the following for people who want to be a part of their Adsense campaigns:….You must have and abide by an appropriate privacy policy that clearly discloses that third parties may be placing and reading cookies on your user’s browser, or using web beacons to collect information, in the course of ads being served on your website. Your privacy policy should also include information about user options for cookie management …

What to include in your privacy policy statement

A privacy policy statement should be written and published  based on a careful analysis of how your company uses and processes the personal data that it collects. A generic private  policy statement that covers everybody does not exist.  Try using a generic private policy statement and  you may be setting yourself up for a fraud or unfair trade practices charge.

Depending on the type of data that you process, your private policy statement should at least include:

  • A statement that tells the customer what you intend to do with the data that you collect.
  • That the data is kept confidential, shared or sold.
  • If cookies are used and why.
  • Explain that the data will not be used for any purpose other than stated in the private policy statement.
  • A statement that you guarantee that the customer’s data is protected and safe.

It’s all About Trust

Before you publish your private policy statement, make certain that it includes all of the language required by your merchants, vendors , city, state or federal laws.  Include any information that will make your customer feel comfortable enough to trust you with their personal data. Let them know where and how they can contact you.

Remember, your private policy statement is a method of talking to your customer.  The contents of your statement should give your customer the confidence to engage in  business with you

Leave a Comment

Leave a Comment

Modis