A Privacy Policy is a legal document where you specify if you collect personal data from your users, what kind of personal data you collect, what you do with that data, and other important information about your privacy practices.
In this article we’ll discuss a few of the laws that require Privacy Policies, as well as what content you’ll need to put in a Privacy Policy when creating one.
A Privacy Policy is required by law if you collect personal data. Personal data is any kind of data or information that can be considered personal (identifies an individual), such as:
- Email address
- First and last name
- Billing and shipping address
- Credit card information
What is a Privacy Policy
A Privacy Policy is a legal statement that specifies what the business owner does with the personal data collected from users, along with how the data is processed and for what purposes.
In 1968, the Council of Europe conducted studies on the threat of Internet expansion, as it was concerned with the effects of technology on human rights. This led to the development of policies to protect personal data.
This marks the start of what we know now as a “Privacy Policy.” While the name “Privacy Policy” refers to the legal agreement, the concept of privacy and protecting user data is closely related.
This agreement can also be known under these names:
- Privacy Statement
- Privacy Notice
- Privacy Information
- Privacy Page
A Privacy Policy can be used for both your website and mobile app if it’s adapted to include the platforms your business operates on.
The requirements for Privacy Policies may differ from one country to another depending on the legislation. However, most privacy laws identify the following critical points that a business must comply with when dealing with personal data:
- Notice – Data collectors must clearly disclose what they are doing with the personal information from users before collecting it.
- Choice – The companies collecting the data must respect the choices of users on what information they choose to provide.
- Access – Users should be able to view, update or request the removal of personal data collected by the company.
- Security – Companies are entirely responsible for the accuracy and security (keeping it properly away from unauthorized eyes and hands) of the collected personal information.
Who Needs a Privacy Policy
Any entity (company or individual) that collects or uses personal information from users will need a Privacy Policy.
A Privacy Policy is required regardless of the type of platform your business operates on or what kind of industry you are in:
- Websites
- WordPress blogs, or any other platforms: Joomla!, Drupal etc.
- Ecommerce stores
- Mobile apps – Not having a Privacy Policy can be a reason for rejection of your app from app stores. For example, a Privacy Policy is required for all iOS apps.
- Facebook apps – Facebook requires all pages, groups and events that collect user data to have a Privacy Policy: