As a business, you deal with a lot of personally identifiable information on a daily basis. It can come from anybody who interacts with your business, like clients, vendors or employees.

You need to have a privacy policy declaring how you, as a business entity, will be using that data. There are five key elements that a privacy policy must touch upon. Let’s look at each of these five areas.

#1 – THE DATA YOU ARE COLLECTING

Your privacy policy needs to spell out what kind of personally identifiable information you are collecting. Make sure you cover all possible data—right from something as ambiguous as first names to the more important ones like credit card information.

#2 – HOW THE DATA COLLECTED WILL BE USED

The next step is to state how you will be using the data you procure and for what purposes. For example, if you will be using the data to reach out to customers at a later date to market your products and services, you need to state that.

#3 – DATA SHARING INFORMATION

Who will you be sharing the data with? You need to identify who you will be sharing the personally identifiable information with. For example, it is possible that your vendors or partners may have access to it. You need to declare this clearly in the privacy policy.

#4 – DATA SECURITY AND STORAGE INFORMATION

Your privacy policy should identify how you will be storing personally identifiable information. You also need to discuss the security measures you will be taking to keep it safe.

#5 – VISITOR RIGHTS

The first 4 elements discussed here pertain to disclosure of information regarding data collection, sharing, storage and security. These are all from the business’s perspective. The final item in the privacy policy covers the rights of your visitor. Your privacy policy must mention:

  • How visitors can see what personally identifiable information of theirs has been procured
  • Correct or update their personally identifiable information
  • What recourse visitors can take if there’s a breach of the privacy policy

Be sure to cover all these five areas when drafting your privacy policy. You can also resource AxiaTP to draft up a policy for you.

Recent Insights