How to write a Privacy Policy

How to write a Privacy Policy

A Privacy Policy can be defined as the policy under which a
company or organization operating a web site handles the
personal information collected about visitors to the site. For
most of us consumers, privacy involves protecting our integrity
and our right to disclose or not our personal information to
third parties, without letting anybody bother us with
unsolicited communications if we do not want to be contacted.

Why has privacy become such a big deal for consumers over the
last few years? The answer is that customers need reassurance
before giving out their personal information to someone they do
not know. They might really like your web site and even visit it
often, but as soon as you ask for their name, they get
suspicious. Moreover, if you also ask for their address, phone
number, credit card number, bank names, account numbers, health
history, or current job information, they start worrying about
what you are going to do with all that information. Can you
blame them? Of course you cannot. What you have to do is ensure
you address some basic but critical aspects of their concern,
through a clear and efficient Privacy Policy.

Below are some important issues you should take into
consideration when writing your company's Privacy Policy:

1) Explain what types of information you collect and how you use
it Provide reassurance. Clearly explain what types of
information you ask from your visitors for and what you are
going to do with such information. Besides personal information,
what other information do you keep track of? Do you collect
information from children? How do you verify parental consent
for information about their children? Remember that information
is power and although about two thirds of Internet users might
be willing to accept a guarantee that you will not abuse their
privacy, the other quarter feels extremely nervous about the way
their personal information might be used. Therefore, if your web
site mines raw transaction data to identify visitors, to come up
with new offers, or to sell their names to merchandisers, you
will need to explain how you share that information within your
own family of companies and outside, or else you will very
likely face serious legal problems. 2) Explain why your server
and online operations are secure

Now you have already told people what information you ask for
and what you do with it, but that is just the tip of the
iceberg. Next you will have to explain what makes your server
and online operations secure. You probably do not want to be
caught with no answer when confronted with questions such as,
'How do you make sure nobody steals my credit card information?'
or 'How do you protect the privacy of my emails to your customer
support team?' Point out how your consumers can tell if they are
really on a secure server, i.e. the change in the URL, the icons
that show up on the status bar, etc. You may even take a shot at
explaining encryption, and the Secure Sockets Layer. Most
importantly, concentrate on the benefits to the consumer, for in
the end, most of them will not care less about all the security
measures you take and all the money you spend to make your
website secure, unless that translates into some specific
benefits to them.

3) Let customers out When people read your Privacy Policy for
the first time, they will want to know how they can start or
stop receiving email from you. Giving customers an opt-in and
opt-out option is a great way to build trust and lower their
personal barriers. However, you must be aware that people's
needs, desires and interests might change over time and despite
the fact that no one likes to lose a customer, you must let them
go if they state that they are no longer interested in receiving
your emails. In order to protect your customers' privacy, you
must give them access to their personal profile or account, and
let them delete themselves. Since one of the biggest invasions
of privacy is spam, one of the organizations created to fight
spam called The Anti SPAM League considers that it is a good
idea to allow people to opt into your e-mail newsletter twice -
once by clicking the checkbox and Submit button, and again by
responding to the e-mail notification that they can subscribe if
they reply -. Double opt-in makes it more likely that people
know what they are doing when they volunteer for the email.
Remember to include an 'unsubscribe' option at the bottom of
each newsletter you email to your customer base. Of course, if
most of your customers request to be removed from your mailing
list then you will have a much more serious problem because your
business will be in danger. But still, you must always give your
customers a way out. 4) Let customers view and edit their
personal information If you give people the opportunity to view
and edit their information, chances are they will provide even
more. The reasoning under this is pretty basic: almost no one
destroys his or her own data. Therefore, whenever you display
customers' personal information, place clear and visible labels
indicating how they can edit it. Be clear about how they can
view and edit their information, i.e. 'You can access all your
personally identifiable information that we collect online by
logging in and clicking the 'Change User Info' link in the box
on the right-hand side of every page'. Also, answer questions
that might be of extreme importance to some customers such as,
'Can I review information you have about my child?'. 5) Inform
customers about policy changes

Most businesses revise their Privacy Policies from time to time.
If you are among these businesses, inform your customers how
they can have access to those changes and revisions. For
example, include a sentence in your Privacy Policy such as, 'New
versions will be posted on this web site, so please check back
periodically for updates'.

6) Tell your customers who to contact in case they have
questions about privacy Sometimes people might have some
specific questions that are not explicitly covered in your
Privacy Policy. For example, where they can learn more about
their right to privacy or who they can talk to if they have a
question about their privacy. Always include one or more ways in
which customers can contact you regarding privacy issues. This
contributes a lot in terms of reassurance.

7) Write a privacy policy that people can understand Last, but
not least, this issue can make the whole difference between a
trusted business and one that may look OK, but deep inside you
feel you cannot trust. Unfortunately, most Privacy Policies are
written by lawyers and consequently, contain way too many
technicalities. We do not question the value of legal
terminology, but we greatly emphasize the fact that a Privacy
Policy does not need to sound too serious or elegant. It just
needs to be clear and simple, so that any average consumer can
understand it without much effort. If you use industry or
in-house jargon without explanation you make readers suspect
that you are trying to pull the wool over their eyes and the
final result debilitates the whole purpose of the policy, which
is to build trust. Sure you will have to talk about your
security precautions, but refer to them in plain English before
you mention tech words that most people do not understand. Our
advice regarding how to write an efficient Privacy Policy can be
summed up in just two sentences: 'Keep it simple', and 'Do not
lie to your customers'. If you want to learn more about this and
other related topics, check out www.Anti-Spam-League.org. This
organization offers free membership and the chance to access a
wide amount of relevant information on privacy, spam, email
abuse, Internet fraud, responsible marketing and several other
topics.