Keep in mind that this mainly applies to websites that request user information such as email address 📩, phone number 📱, or credit card details 💳. This applies to normal activities like newsletter signup or a small number of items for sale.
Across the globe, various government agencies provide guidance on how to develop website privacy policies. So, here are a few you need to be aware of.
California Website Privacy Protection Act (CalOPPA)
California Consumer Privacy Act (CCPA)
General Data Protection Regulation (GDPR)
GDPR legislation applies to users within the European Economic Area (EEA). Privacy laws set by GDPR are very comprehensive 👌 and demand adherence to international standards when dealing with data privacy under any legal process.
Children’s Online Privacy Protection Act (COPPA)
Personal Information Protection and Electronic Documents Act (PIPEDA)
This privacy law applies to businesses operating in Canada, home of maple syrup. Firstly, you should note the major theme of this law is the “openness” of information on legal bases. This is because it states that website operators 👨 have to have transparent policies for law enforcement purposes.
- What information do you collect?
- Why did you collect the information?
- Do you share personal data with third parties?
- What are user rights over their data?
- Where are your links to other policies?
Not sure how to do that? Let’s discuss these elements further.
- Personal data (name, email address, etc.)
- Mobile data (mobile phone ID and manufacturer information)
- Financial data (credit card details, preferred payment methods)
- Third-party data (e.g., social media friends list)
- Derivative data (IP address, location history, and session web measurement)
- Data from social media websites (Instagram login information, mailing address)
Why You Collect the Information
After letting individual users know the type of information you collect from them, you have to divulge the reason for collecting it 🤔. Therefore, the privacy laws outlined above ask that you state the purpose for collecting the information from the user address book.
Some of the common reasons for collecting personal information include to:
- Complete transactions with third-party sites
- Process orders and perform technical controls
- Create user accounts
- Send commercial marketing newsletters 🗄
- Register users for commercial purposes (e.g., sweepstakes, contests, or surveys)
- Prevent fraudulent activities 🤓 and work with government authorities
Whether You Share User Data with Any Third-Party Website
Most websites integrate with third parties to enhance service provision and user experience. For direct marketing purposes, for example, a website may need to transfer 📤 some user information to third parties through an email message or other analytics tools.
During this kind of content interaction, the website must state 📝 the categories of third parties it shares information with. Some possible third parties include:
- Business partners
- Service providers
- Interest-based ads vendors and advertising networks
- Credit bureaus
- Financial institutions
- International agencies
- Federal agencies or a state government agency
- Social networks
As a rule of thumb, a website should share only non-personally identifiable information with third parties. This minimizes potential security threats and unauthorized access.
User Rights Over Their Data
Links to Other Policies
- Terms and conditions 😎
- Disclaimer information, and
- Cookie policies ⚠
It’s important to link these documents to each other so that users can seamlessly navigate 📈 them. This is because such links help people understand how your system works.