Privacy Policy Requirements

Website privacy policies have become an essential and best practice for any organization that does business or collects information online. New technologies, data sharing, and mobile access combined with new laws and regulations may make existing website privacy policies out of date. Now is a good time to review privacy policy requirements and your organization’s current compliance.

What is an online privacy policy?
In 2003, California passed a privacy law that required any company with an online presence that does business with California citizens to conspicuously post a privacy policy and explain how customers are protected. Most websites now comply with a description of what data is collected, how it is used and how to opt-out of the collection.

What are the privacy policy essentials?
New technologies, data sharing practices, and mobile access have expanded and expanded basic website privacy policy essentials.

Data Collection: If you have a mobile website, use a cloud-based service, or allow advertising, the data you collect may have expanded beyond cookies and forms to include geo-location information and online behavioral tracking. Make sure you disclose all data you collect, what you do with it and how it is protected.

Data Sharing: Other companies may collect data on your site. Website analytics, shopping cart programs, social networking share buttons, and advertisers drop cookies when users browse your site. A privacy policy should disclose any data collected by 3rd parties and identify who they are.

Choice: Privacy policies have always included a mailing address for resolving disputes. An email and a phone number are a best practice. But the complexity of today’s privacy issues is best served by tools for users to manage their own privacy. Giving users a meaningful choice to opt-out of sharing using privacy settings is preferred.

Who writes privacy policies?
Legal counsel will produce a 2,000 word document written for other lawyers. Privacy is not just a matter of legal compliance. It is now part of your customer service. A privacy policy should be written for anyone to understand.

Where are privacy policies found?
Privacy law is not specific to websites. It applies to any applications or devices that collect personal information over networks. If you optimize content for different marketing channels, consider optimizing your privacy policy for those same channels. Short privacy notices that are more graphical may be used on mobile websites and apps to guide users to better manage their personal privacy.

Privacy policy requirements are changing with new concerns about consumer privacy and powerful new technologies. Let TRUSTe help guide your organization with a comprehensive privacy management suite.