Remember, a good privacy program is proactive, rather than reactive, and assumes that personal information will remain private by default. A founder considers how to protect the data, realizing that there is no one-size-fits-all approach to data security. A good privacy program is transparent and holds people accountable for protecting the privacy of consumers. A founder should think about privacy from the very beginning of her business plan, not moments before a product launch.
The following steps can help you create a policy that stands out and demonstrates your commitment to your users’ privacy:
1. Be Accurate
2. Use Plain Language
3. Include Essential Information
All privacy policies should include at least the following:
- What information you collect
- What you do with the information
- With whom you share the information
- How you collect the information, including whether you use automated means
- How you protect the information
- Rights your users have under the law
- How users can opt-out of certain uses of their information
- How you inform users if you change your practices
- How your users can contact you
Certain laws require privacy policies to include certain things. For instance, some laws require you to disclose that consumers have the right to access their information or to prohibit you from selling their personal information. It’s important to know what laws apply to you so you can include that information in your document.
4. Follow Your Policy
It should go without saying that you need to follow your policy. That means your people need to know what commitments you’ve made to your customers. Teach employees to think about opportunities to protect sensitive information and make privacy a priority in your organization.
by Heidi Yernberg