Statement that declares a firm's or website's policy on collecting and releasing information about a visitor. It usually declares what specific information is collected and whether it is kept confidential or shared with or sold to other firms, researchers or sellers.
For example, if your website simply checks to see which country the user is from in order to provide them with the most relevant information (such as prices in $ or £), then most users will not have any concerns about such non-specific information being collected.
On the other hand, if your website has the capability to store data about the user's name, address, and credit card information, it is your responsibility to let them know you are collecting and storing this data so they can decide if they want to provide you with that information or choose to not have it saved in your system.
Letting users know what information your app or website collects is not only a legal obligation, but it shows goodwill by being open and transparent about what your app or website is collecting and why.
By being clear about what information is being collected (and later, how collected information is used and kept safe) you empower users to make the decision of whether they want to use your services or not.
While this list is extensive, it is not exhaustive. It is important to disclose all types of information that your app or website collects from users in order to comply with laws and be transparent with your customers.
If your app or website uses third-party analytics or other third-party functionality that may collect personal data from your users, it is important to point that out as well so they can consider those Privacy Policies which may differ from yours.
In most cases, the information apps and websites collect is strictly for use by the app or website in order to improve functionality. By letting your users know that their information is only being used for their benefit, most people will gladly accept these policies.
If you are using this data for other means, however, it is important to let your users know what information is being used and how it is being used so that they can decide if they want to be involved. Not only is it your obligation from a legal standpoint, but it allows you to clarify what information is being compiled for what purposes and build trust with your users.
For example, tracking visits per country in a non-specific way probably would not be a concern for most of your visitors.
However, if you are storing data on the GPS location of visitors according to their mobile device, some users may not feel comfortable with that data being used. They can decide to turn off the GPS setting on their mobile device or decide not to use your app or website at all.
In the end, the user has the right to make this decision and it is your responsibility as the owner of the app or website to provide them with that choice.
As mentioned above, it is important to let your users know if their information is being sold or shared with anyone else.
This is not only a legal obligation, but it helps protect you in the event that the third-party fails to secure user-information properly. In this event, the user was informed that their information may be shared with a third-party. Now, the responsibility falls on the user and that third-party to make sure the data is being managed securely.
If you sell any user information, you need to declare this to your users and let them know the specific information you are selling.
While general demographic information such as age and gender may not be an issue, specific information such as location, name, and email address may be more information than many users feel comfortable with you selling. They have the right to know that this information may be sold so that they can choose if they want to provide it.
Below is an example from Zappos.com:
Breaches in security are an unfortunate reality in the digital age. The constant struggle between offense and defense in the cyber-realm means inevitably someone will find a way to exploit some security systems or find a way to circumvent them.
As such, it is your responsibility to not only secure the personal information of your users from these cyber-criminals, but to let them know how their information is being secured for their acceptance and peace of mind. This also helps build trust as you can show your customers and clients the measures that you are taking to protect their personal information. It shows that their privacy rights are important to you!
Below is an example from Amazon.com:
If a user does not agree with the policies you have in place, they may choose to not use your website or download your app. However, if they decide to use your website or app, they are accepting the policies that you have in place.
You can find an example of this from Zappos.com below:
There are other aspects to this as well, such as settings and preferences you may offer to limit data collection or functionality on your app or website. This is a good place to inform your users of where they can find these options and how to use them.
For example, you can tell your users how to turn off location services, block or delete cookies, or opt out of an emailing list if they wish to do so. This will build trust with your users. Be sure to also let users know how these choices could affect their experience on your app or website if certain functionality is dependant on cookies or location services.
Depending on your location and the location of your users, there are a number of laws that set forth guidelines about Privacy Policies and information collection from visitors, clients, and customers.
You need to be sure that your app or website not only complies with local laws, but also complies with laws in the state or country where your users reside.
For example, the California Online Privacy Protection Act (CalOPPA) sets forth regulations for any website that collects data from residents of California. Even if you are not operating out of California, if your website collects data from residents of California, you will need to comply with these regulations.
There are similar rules in the EU, Canada and other countries.
Below is an example from Apple.com:
Below is an example from Amazon Web Services:
Below is an example of a Cookies Clause from Amazon.com:
However, if you serve customers from the EU or plan on expanding to the EU in the future, you will need to comply with the EU regulations.
Privacy Policies are also a good place to discuss any third-party software or third-party partnerships your app or website implements that may have different information collection and usage policies that you have not yet covered.
Below is an example from Buzzfeed.com:
This way, your users can further research the Privacy Policies of those third-party services to ensure they are comfortable with their policies that pertain to your website.
This is a minor but important inclusion.
An example from Amazon.com is below: