Start by referencing the U.S. Federal Trade Commission’s Fair Information Practice Principles of privacy protection. These guidelines present standard concepts about fair-information practices for companies that conduct business on the web.
Identify Who (or What) Is Collecting the Data
Be clear about what entity will gather, store and release customer information. If you operate under the umbrella of a parent company, which entity ultimately gathers and houses the data? If it’s the parent company, then clearly state this in your policy rather than hiding it deep inside the text where it will be overlooked.
Explain How the Data Will Be Used
Additionally, share how potential and existing customer information will be used. If this information will only be used to facilitate their transaction, then state that in the policy.
Inform Users of Their Rights
In your business communications, make sure customers can easily subscribe to and unsubscribe from weekly newsletters, special offers, promotions and other company updates. Recipients should be able to easily sign up for your communications and easily unsubscribe should they choose to do so at a later time. Companies that fail to remove customers and other subscribers who’ve chosen to opt out of their mailing lists risk being labeled as spam or, worse, blacklisted by Internet Service Providers (ISPs). Being blacklisted adversely affects your deliverability and makes it difficult to reach even your most loyal customers.
Describe the Nature of the Data
Affirm Your Commitment to Protecting Customer Data
Getting the principles and language right the first time will provide prospects and customers with a sense of confidence and security when using your website and business services. The policy should also state the date your website was last updated.
Consider a “Seal of Approval” for Your Policy
You can boost your online reputation by validating your privacy and security practices with commercial privacy service companies like TRUSTe. These providers can help you create a policy or review an existing one to make sure your policy’s information is current and accurate.