Clauses for Privacy Policy

Post on 24-Jan-2018

Transcript of Clauses for Privacy Policy

Throughout most of the world, a Privacy Policy is required by law (1) if your business collects and uses personal information from users.

(1) Link to

Personal information includes any information that can be used to identify a user including but not limited to:

Name, email address, birth date, IP address, browser information and settings, mailing address, etc.

When creating your Privacy Policy (2), here are 12 essential clauses you need to include.

(2) Link to

1. Types of Information Collected

Let your users know what information you collect from them.

Your clause can be very detailed and specific, such as in the following example.

Or, your clause can be more general.

2. How is Information Collected

Let users know the different methods you use to collect their information such as through services or directly from the users themselves.

3. What You Do with Collected Information

Here is where you let your users know exactly how you plan to use their information.

4. Cookies Policy

If you use cookies, include a section that lets users know this.

Or, include a separate Cookies Policy (3). It’s required in the EU under the EU Cookies Directive (4).

(3) Link to

(4) Link to

5. Third Party Access to Personal Information

If you allow third parties to access users’ information, you need to let users know.

Common third parties that access information include advertisers, analytics apps, social networking apps, etc.

6. Dispute Resolution

Include this clause to limit lawsuits against you.

Users will be required to go through arbitration rather than suing you.

This helps you save time and money and avoid litigation.

7. Business Transfers

Your company may one day merge with another or be acquired by a larger company.

This clause helps users feel secure about their data, knowing that your current Privacy Policy will still apply to their data when transferred.

8. Changes to your Privacy Policy

Reserve the right to change your policy as needed.

Let users know how they will be notified of updates when they occur.

9. Email Marketing

Anti-spam laws apply in several nations, including CAN-SPAM (5) in the United States.

Include a clause that addresses how users can opt out of receiving promotional emails and other commercial communications from you if they so wish.

Provide a link to an opt-out page for convenience.

(5) Link to

10. COPPA Compliance

The Child Online Privacy Protection Act (6) (COPPA) is a US law that applies to websites and apps that are aimed towards children under the age of 13 who live in the United States.

If your website doesn’t collect information from children under the age of 13, you can state this.

(6) Link to

However, if your website/app is for children under 13, you need to take steps to ensure your Privacy Policy is COPPA-compliant (7).

Parental consent and protection of information need to be addressed.

(7) Link to

11. Data Retention

Let users know your process for retaining data if a user deletes an account or has an account terminated.

Laws may dictate the length of time you’re allowed to retain data.

12. Contact Information

Let users know how they can contact you with questions and concerns regarding your Privacy Policy and their personal information.

Including multiple ways to contact you, such as email, phone, online chat and postal mail, is a best practice.