How to write an effective privacy policy
By Bobby Hansen
Sep. 12, 2022 5:30 am
Customers have a right to know how you handle their personal data. Whether you are processing credit card payments, saving shipping or contact information, or signing them up for a newsletter, customers should know what data a business collects and how it is used.
A good privacy policy, to which you absolutely adhere, can do this.
The Federal Trade Commission recommends privacy policies for most websites that collect and share consumer data. Laws differ depending on what data you collect.
Even if you’re not processing sales, you may be collecting personal data to generate leads, make appointments, manage subscriptions or share with advertisers.
- Keep it visible — Make it easy to find. Include a link in the header or footer of every page so visitors can check before interacting. At a minimum, it should be linked from your homepage and from pages where data is collected.
- Keep it simple — Consumers don’t want to read legalese or technical jargon. A privacy policy should be clear, concise and written in plain language so customers can readily understand how you’re handling their information.
- Keep it real — Say what you do and do what you say. Your policy is a pledge about how you handle and protect personal data. It should accurately reflect data practices unique to your business; one size does not fit all.
- Keep it current — Make sure your policy is updated if you change business and privacy practices. Communicate changes in data use or sharing to customers before they take effect.
What to address in your policy
You are responsible for abiding by the privacy promises made in your policy. If you have questions about your obligations, seek legal guidance to make sure your policy complies with applicable laws.
- What data is collected — In addition to names, home/email addresses, phone numbers, credit card information and IP addresses, you may be collecting information about customers’ interests, purchase histories or demographics.
Your analytics provider, advertisers, third-party shopping cart or payment processor all may be collecting information.
- How data is collected — Online forms with email details and credit card data for purchases may be obvious to the consumer. Data collection using cookies and other trackers may go unnoticed. Clearly explain your cookie practices.
- What you are doing with the data — Tell customers how you’re using data and how, where and how long it is stored. If you share data with or sell it to affiliates, service providers, marketers and business partners, explain what is being shared or sold and how it may be used.
- How customers can control their data — Provide your point of contact — an email address or phone number — so customers may change passwords or close accounts.
If marketers collect browsing data for interest-based advertising, provide an opt-out option.
- How you protect the data — Always protect customer data with strong data integrity and security measures. Refer to these measures in your published policy to provide assurance to your customers.
Bobby Hansen is regional director for the Better Business Bureau Cedar Rapids office; (319) 365-1190.