Before you start drafting a website privacy policy, there are a number of important questions that you need to ask, such as:
• What information does your company collect?
• How does the company use the information that it collects?
• Where is the information stored?
• Does the company maintain a company privacy or security policy?
• If so, does the policy fit the business type and comply with appropriate regulations?
• Finally, does the institution comply with the company privacy policy that is in place?
All of these questions will help you address the topics that need to be mentioned in the website privacy policy. However, keep in mind that the website privacy policy must only discuss privacy issues related to the website and not the general privacy policy of the company, even though these policies may overlap.
What are some of the clauses that your website privacy policy should contain?
You should include a list of required and optional information that your company collects during website registration. This may include the name, address, telephone number, email address and any interests of the registrant.
A disclosure about how the registrant’s information is used and whether it is disclosed to third parties is necessary as well.
Depending on the type of business that the company engages in, there may be specific privacy regulations that apply. For example, financial companies have extensive regulations that require strict compliance under the Gramm-Leach-Bliley Act. Companies that target children must comply with the Children’s Privacy Protection Act or COPPA.
Furthermore, you must mention if your company gives registrants the option to opt-out of information sharing and provide a disclosure regarding cookies and other forms of information collection methods that your company uses.
Finally, creating and maintaining a privacy policy should be an ongoing task. It should always reflect the actual practices of your company and comply with appropriate regulations.
For more information on website and other types of privacy policies please contact us at drevzin@revzinlaw.com