Earlier this year, we’ve shared on our blog a little introduction about privacy policies and why business owners need them to protect their customer’s personal information against the increasing number of data breaches.
A recent Data Privacy Benchmark Study shows strong evidence that privacy has become an even more important priority during the pandemic, with budgets that doubled in 2020 to an average of $2.4 million. This clearly proves that more consumers are getting concerned about who has their data and how it is being used.
Ideally, privacy policies should be reviewed and assessed by data protection experts to make sure it complies with the country’s laws. Certain regulatory systems exist to protect the privacy of internet consumers – one or all of which may apply to your business. A few examples of these laws are the General Data Protection Regulation (GDPR) in Europe, California’s Online Privacy Protection Act (CalOPPA), and NZ’s Data Privacy Act.
That being said, we highly recommend that businesses stay away from copy-pasted templates and policy generators, as these can cost you hefty fines and legal claims in the future. Instead, write your own privacy policy following these six essential points:
Â
- State the information that you need to collect by telling your users exactly what type of personal data you wish to capture.
- Tell your users how you intend to collect personal data from them – be transparent and let them know about your collection process.
- Let your users know what will you be doing with their data and specify the legal basis for the collection in compliance with the applicable laws.
- Be transparent on where and how long you’ll be keeping their data.
- Allow your users to limit what they share and ensure that their data will remain safe and private under your care. Let them know that sharing personal information is not mandatory and that users can limit what they share, opt-out, or revoke their consent at any time.
- Provide your users with a communication channel that they can use for questions about your policy.
Â
We’ve created a detailed guide in writing your company’s privacy policy; you can download it here for free by filling up the form.
Â
It doesn’t end here.
You should review your Privacy Policy at least once every few months and every time you make a substantial change to the way you collect, use, store, or share data. For any changes that you make, you should make an effort to notify your users and require them to acknowledge the updates either via email or by redirecting them to the new policy updates.
Finally, your privacy policy should also remind the users to carefully protect the personal information that they submit on your website — including their passwords, usernames, location, images, and videos — so that third parties can’t manipulate their accounts or assume their identities. If your site permits users to communicate with each other or see each other’s usernames or additional information, then remind the user not to disclose any sensitive information in the public domain.