The Hostway Blog

Writing a Privacy Policy

A privacy policy shows your customers you care about protecting their information and inspires trust in your business. Even if the only information you collect is name and email address, having a posted privacy policy increases prospective customers’ confidence in doing business with you.

The level of detail in your privacy policy will depend on how much personal information you collect, but there are certain issues to consider and address in any privacy policy.

Privacy Pledge and Security

Every privacy policy, no matter how simple, should include a statement about your commitment to protecting your visitors’ privacy. Include a section about security in which you explain the steps you take to protect the personal information you collect. Explain any technical terms you may use, like encryption or Secure Socket Layer (SSL). Be specific, but don’t make promises you know you can’t keep. The Federal Trade Commission can and does prosecute deceptive practices. Explain how your security procedures benefit the customer.

Information Collected and Shared

Inform your visitors about all the information you collect and how you collect it. There are two ways a business can gather information:

  • Actively: This is the information you ask customers and Web site visitors to enter into forms. It can include name, email, telephone numbers, age, interests and credit card numbers. State how you collect this information and which items are required to access your Web site or do business with you.
  • Passively: This is information acquired by cookies or other Internet tracking technologies. Explain why you collect this information and how it may benefit your customers’ relationships with you. Explain how to turn off cookies and how this might affect the ability to use your Web site.

If you share collected information, explain that you do so only with “trusted partners,” why it’s important to do so and how sharing helps the customer. If you do not normally share information, say so, but include a statement that you will comply with any legal disclosure requirements, including court orders or subpoenas.

Customer Opt-out

Explain how customers can opt out of promotional communications from both you and your partners. If there are necessary types of communications they cannot opt out from, such as account-specific reminders or billing, spell that out too, along with the frequency of this type of message.

Write your privacy policy in everyday language that most of your visitors will understand. Review it periodically to ensure it still reflects your practices, and revise anything that is out of date. Encourage readers to bookmark the page and check back regularly for updates. Include contact information, in case visitors want clarification on any points. It’s also a good idea to have your lawyer review your privacy policy for completeness, accuracy and compliance with local regulations.

Finally, provide a link to your privacy policy in the footer of every page, and link to it from all Web site forms. Make it easy for your visitors to see how your privacy policy benefits them.