Privacy Policy

  1. Most businesses are not required by law to have a Privacy Policy. However, if you do collect personal data from your users, you are required to post a privacy policy online.

     

  2. Make a list of information to include in your policy. This should be basic information about how you may come to have a user’s personal information and what you will do with it. Some common items you may wish to cover in your Privacy Policy include:

     

    • When you collect information from users. You may collect information when users place an order, sign up for an account, or access certain areas of your site. Think about all the times when you may ask users for personal information

     

    • What information you collect. Will you simply ask users for their name and email address or will they be required to provide you with sensitive information such as their phone number, address, or social security number?

     

    • How you use the information you collect. Many sites use the information they collect in order to make the users experience on the site more enjoyable or to provide users with product orders. You will want to specify in your policy exactly how you use the information that you collect.

     

    • If users can access the information you collect to update, correct, or delete it. If users will have access to the information that they provide you should describe how they may access it and what changes or updates they will be able to make.

     

    • If you disclose the information to others, and to whom. If you use a shipping company to whom you provide customer names and addresses or you share users information with other parties for any reason, you will need to include this information in your privacy policy.

     

    • That you may change the policy at your discretion. Reserving the right to modify your own policy can be very important. In 2004, the Federal Trade Commission (“FTC”) charged Gateway Learning with unfair trade practice for changing its Privacy Policy without providing notice or obtaining consent from past website visitors.

     

    • Contact information for users who have privacy questions or concerns. Any reputable website will provide users with a way to contact someone if they have questions. You may wish to consider including contact information in your privacy policy for users who have questions specific to your company’s privacy practices.

 

  1. Obtain a privacy policy template. There is no need to reinvent the wheel. Start with a template and modify it to fit your needs. Templates can be obtained from several reliable sources including:

     

    TRUSTe. TRUSTe is an independent non-profit privacy initiative that has established a wizard that allows a website to automatically generate a privacy policy. You can find the TRUSTe privacy policy wizard at http://www.truste.org/wizard.html.

     

    TermsFeed. TermsFeed posted an online free privacy policy generator, available at http://termsfeed.com/privacy-policy/generator/ 

     

    Trust Guard. Trust Guard has created a free comprehensive and reliable privacy policy generator, which you can find at http://www.freeprivacypolicy.com/free-privacy-policy-generator.php.

     

    Live Law. Live law provides a free website privacy template for Australian websites. This template generator is located at http://www.lawlive.com.au/australian-website-privacy-policy-template/.

     

    • Create your privacy policy. Modify your privacy policy template to include the information you have listed and any clauses, which are required by law.

Tips

• Keep in mind the four key points of a privacy policy: Notice, Choice, Access and Security.

• Keep your Privacy Policy flexible, so that you do not have to violate it later. For example, claiming that you do not share users’ information with anyone may be reassuring to your users, but it is almost certainly not true. At some point, most websites will need to share some type of information about its users with someone. Consider every angle and the future needs of your business.

• Short and sweet is best for Privacy Policies and Terms and Conditions--don't be too colloquial, though, or else your readers won't take you seriously.

• Review your competitors’ Privacy Policies and Terms and Conditions before you begin creating your own. Drafting any legal document is easier if you have read one and had a chance to study it. Some things to look for while reviewing your competitors’ policies include formatting, specific clauses, and choice of language.

Warnings

• Not all legal forms and templates are created equal. Many of the Privacy Policy and Terms and Conditions templates available online were not drafted by legal or business professionals and do not comply with privacy and contract laws. Be careful about where you obtain legal forms and templates.