The people at the BBB put together a list of what they consider important information to include in website privacy policies.
What data is collected: It may seem obvious, but there is a great need to identify every type of data being collected. “In addition to names, home addresses, email addresses, phone numbers, credit card information, and IP addresses, the website may be collecting information about customer interests, purchase histories, or demographic information such as gender, age, income or marital status,” advises the BBB authors.
Something else to consider are third-party vendors such as analytics providers, advertisers, and payment processors who collect data on the company’s business website. Customers should be advised who collects what data and given access links to the appropriate privacy policies.
How data is collected: Using forms to collect contact information or financial data for purchases are obvious collection points. What may not be obvious is the data collected by cookies and trackers, and website visitors have the right to know what that information is.
What is being done with customer data: Besides telling website visitors and customers how their data is being used, how it is stored, and how long it is saved, it is important to make known whether customer data is shared with affiliates, service providers, or sold to business partners and/or marketing firms. In other words, inform customers of every possible way their data may be used.
How customers can control their data: The BBB advises companies to provide a contact to help customers with privacy issues–even those as simple as closing accounts or unsubscribing from mailing lists. The article also suggests, “If marketers are using the company website to collect browsing data for interest-based advertising, customers should be provided with opt-out information.”
For more information on privacy-law compliance including GDPR and COPPA, the BBB authors suggest checking out the National Cyber Security Alliance’s tips for businesses. In addition, check out these cybersecurity resources from the BBB.