Don’t you want to know how businesses are using the private information they collect from you? Don’t you think your customers want the same thing?

Depending on where you live and what you’re doing, having a privacy policy for your customers’ information may actually be required. The Federal Trade Commission, for example, recommends privacy policies for most websites that collect and share consumer data, whether they do so actively or use cookies; federal law requires privacy policies for businesses collecting sensitive data, including personal information from children under 13, protected health information, or information related to certain financial products or services such as consumer loans, investment advice, or insurance. A few states go even further, with laws that require privacy policies for websites collecting certain types of data. BBB requires a privacy policy for its accredited businesses if they collect sensitive information.

But even if it’s not required, a privacy policy can help you build trust with customers and set yourself apart from your competition. Even if you’re not using your site to make sales, you may be collecting visitors’ personal data to generate leads, make appointments, manage newsletter subscriptions, or share with advertisers. You may also be using web analytics to optimize your website’s performance. It’s useful to at least have some sort of policy in place for navigating and using all this information.

 

How to Provide an Effective Privacy Policy

Be accurate and complete. Your policy is a pledge to your customers about how your business will handle and protect their personal data. It should reflect data practices unique to your business. You can check out policies of similar businesses for inspiration.

 

  • Keep it simple. The policy is a legal document, but consumers don’t want to read a bunch of technical jargon. Your privacy policy should be written in plain language so your customers can readily understand how you’re handling their information.
  • Make your privacy policy easy to find. Consider including a prominent link in the header or footer of every page so visitors can check out your policy before they interact with your site.  At the very least, your privacy policy should be linked from your homepage and any other pages where data is collected.
  • Update your policy as necessary. If you change your business and privacy practices affecting customer data, communicate any substantial changes to customers before they take effect.

 

Key Questions to Answer in Your Privacy Policy

What type of data is being collected? In addition to names, home addresses, email addresses, phone numbers, credit card information, and IP addresses, you may be collecting information about purchase histories, gender, age, income, or marital status.  Your analytics provider, your advertisers, your third party shopping cart, or your payment processor may all be collecting information throughout your site. These activities should be identified and your customers should be directed to any third party privacy policies that may apply.

 

  • How is data being collected? Online forms used to gather data may be obvious to the consumer, while cookies and other trackers placed on the visitor’s computer browser may go unnoticed. You should clearly explain all data collection practices to customers.
  • How will the data be used?  Answer this question and tell your customers how, where and how long you will store the information you collect. If you share customer data with affiliates or service providers, sell data you collect to business partners, or allow marketers or others to collect data on your site, be sure to explain what information is being shared or sold and how it may be used.
  • How do you protect the data?  You should be protecting customer data with strong security measures. In your policy, you can explain what you’re doing to provide assurance to your customers, but avoid getting too detailed: revealing too much about your security practices could put your systems at risk.
  • How can customers control their data? Provide a point of contact at your business (usually an email address or phone number) to help customers change passwords, unsubscribe from mailing lists, close accounts, or address a problem. If marketers are using your site to collect data for interest-based advertising, you should also provide customers with opt-out information for this activity.

 

Keep in mind that you are legally responsible for keeping the privacy promises you make in your policy. If you have questions, seek legal advice before finalizing the policy. This is important — you want to be thorough.

 

Sean Spence is the regional director of Better Business Bureau Columbia. 

Recent News

Do You Know Your City Councilperson?

This story appeared in print as part of “The Word on the Streets.”   Want to catch up on infrastructure issues in Columbia? There’s...

Modernizing Infrastructure Through Innovative Technology

The investments states make in transportation and infrastructure not only shape how people get around, but how effectively communities can grow. Today, infrastructure and...

Opinion Response: “Close It Down!” and Columbia’s Transit System

“Close It Down!” — Al Germond’s August 29 opinion piece in CBT — caught our attention. We, members of the Public Transit Advisory Commission, were...

Jumping into the Local News Conversation

The news business has hit a bit of a rough patch lately. Reporters are fielding attacks on their integrity, news outlets are facing budget...

Press Release: Columbia Marketing Group: A New Advertising Agency for Mid-Missouri

For more information, contact: Fran Patrick, Director of Account Services fran@columbiamarketinggroup.com   Business Times Interactive, formerly the digital marketing division of The Business Times...