On the Internet, a privacy notice or privacy policy is often a litmus test of how secure and dependable a company may be when it comes to handling its customer’s information. Those who’ve ever read a privacy notice, and there are indeed people who are this thorough, know that this is a document produced by a website to explain many different aspects of a customer’s/user’s privacy or lack thereof. The most comprehensive privacy notice types will painstakingly set forth details about how information is guarded, shared, collected, and used not just by the site owner but also by any related sites or businesses with which the company has shared interests. Though lengthy, these policies are interesting to read, and it’s also the recommendation that any web owner seeking trustworthy status must provide one of these for their site users.
Several common features may be found in the average privacy notice. First, the website may explain what information it collects, and what rights a user has to stem that flow of collection. It’s possible the user has no rights, but often subscribing or becoming a user on a particular site allows people to opt-out of giving certain kinds of information. For instance a newsletter site might want people to receive in their mail other types of newsletters, or an online store thinks a customer’s mailbox is the perfect place for daily advertisements. Since this can annoy some customers, some customers may be able to, when agreeing to a privacy notice, check or uncheck boxes that will free them from a certain amount of spam or correspondence from additional businesses.
Of course, the opt-out feature is not always available, and a privacy notice typically must state that a company plans to share a user’s information elsewhere. A common way of saying this is that information “will be shared with our affiliates,” which could mean anybody, since affiliates have affiliates too. One way of determining how greatly this invades privacy is to determine type of information shared. Will a company share, email or physical address, phone number, name, type of customer, or every email composed, for instance? Finding out exactly what information is routinely gathered and shared can help people determine their degree of exposure and this is usually specified in a notice.
There are things people might not think about as being shared or used by a company that may show up in a privacy policy. On vendor sites, sometimes what people look at and purchase is part of the information used by a company. Shopping sites do this frequently. People who’ve bought something in the past may be solicited with items related to it each time they pay a new visit to the site. Some people find this convenient and others find it irksome.
After having read a privacy notice fairly closely, many customers figure they understand information they’ll be sharing by their use, and what information a company will not access. This might be true were it not for the fact that routinely a single sentence in a policy may completely negate security. If a company claims the right to change the policy at any time, they can, at a later point, do just that. This means what is private today, isn’t necessarily private tomorrow.
Even if the idea of a privacy notice annoys some people, it’s still not something the responsible website owner can do without. The last thing a site owner wants is a lawsuit because he or she has not specified the rights to privacy a user has. For this reason, and for the additional benefit of building trust and having openness with all potential site users, constructing a privacy policy is very important. There are “canned” or premade policies that can be used, or others could be much more extensive. When extensive use of a user’s information is made, it may be best to hire an attorney to craft the policy.
No matter how it's written or by whom, having a check off site at which users sign that they’ve agreed to the notice and to the terms and conditions of using the site makes good legal sense. It helps absolve the web owners of potential issues that might arise if the site is somehow misused, or if failure to protect privacy is alleged. Moreover, giving a comprehensive document that is easy to locate on the site, signals professionalism. Finally, allowing opt-outs on certain uses of information may actually be more satisfying to a customer base, encouraging site re-use.
