Privacy policies show customers that they can trust a brand and give them peace of mind when purchasing or interacting with a brand. A comprehensive policy also gives your team peace of mind, making it less likely to get a “surprise complaint” from a customer or be hit with a costly lawsuit.
Data privacy is an incredibly important topic to businesses and consumers around the world. Privacy policies are a legal requirement in many countries but at the heart of the demand for increased data privacy and privacy policies are consumers. Consumers want to know how their data will be used and if you're taking proper precautions to protect it because they know that their data is at risk.
Let's dive into the data on data privacy:
These numbers show a concerning trend of increased data breaches and personal information stored by companies. It also shows that US consumers are aware and concerned about the risk of your business collecting and storing their data.
Here are state regulations that regulate data privacy:
Nevada - SB260
Vermont - SB110
Delaware - Delaware Online Privacy and Protection Act
Virginia - Consumer Data Protection Act
Colorado - Consumer Data Protection Laws
Provide relevant contact details for your business. This includes your business name, address, and contact methods (phone, chat, email, etc.). Even if this wasn't a legal requirement, it's best to include this information. Making this information easily accessible reduces customer frustration when they have a question or complaint.
PII data that you specifically need to disclose the collection of and protect include names, birthdays, email addresses, phone numbers, postal addresses, purchase activity, IP addresses, payment details, social security numbers, and more.
Technical information that you might collect includes device type, unique device identifier, IP address, browser used, time zone and location the website was accessed from, browser plug-ins used, operating system, and more.
The website visit data you may collect and need to disclose reads like a Google Analytics dashboard. Here are a few examples: URL, date and time a web page was accessed, pages viewed by a web visitor, page response times, download errors, visit duration for specific pages, page interaction information, etc.
You need to disclose whether you are storing data manually or electronically and ensure users that the method you have chosen was carefully vetted. Obviously, the transmission of information via the internet is not completely secure, so you will want to include a disclaimer about the potential risk.
It’s vital to include how your data is used and if you will be sharing any of this information with a third-party service provider. Some companies sell user information. If this is the case, you will need to disclose this in your policy and familiarize yourself with relevant legislation. The California Consumer Privacy Act (that went into effect 1/1/20) empowered California citizens to opt out of data selling. Although it's only law in California, some companies have decided to proactively give users this option. If you don't sell customer data (and have no plans to) you may as well include that you don't sell customer data in your policy. If you do sell customer data, we recommend preparing your business for increased regulation.
Additionally, list the third-party apps that have access to customer data. This may include analytics tools (Google Analytics), tools used for advertising purposes (Google Adwords, social media platforms, etc.), email software (Mailchimp, ActiveCampaign, etc.), and payment processing tools (Stripe, Square, etc.).
Before bringing a professional service business or third-party tool into the fold and granting them access to your data, you will want to ensure that they can be trusted with user data.
We want to close this blog post with a few quotes from two guys you might have heard of.
"Privacy means people know what they're signing up for, in plain English and repeatedly. I believe people are smart and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you're going to do with their data." - Steve Jobs, Apple Co-founder
“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people’s accounts. If they know there’s a key hidden somewhere, they won’t stop until they find it. - Tim Cook, CEO of Apple