Guest Column | December 8, 2015

5 Essential Aspects Of A Data Privacy Policy

By Jonathan Buckley, Senior VP of Marketing, at Qubole

Data Privacy Policy Aspects

Data has become the lifeblood of many organizations and businesses. Without it, their operations become inefficient and borderline inoperable. To make it all work, companies have needed to collect as much data as they can on their customers. Simply doing so without permission isn’t allowed, so many businesses construct privacy policies that give them the go-ahead to use customer information as long as the customers are fine with it. Unfortunately, many organizations have created privacy policies which are poorly made, ones that don’t accurately reflect what the business does with the data and don’t inform the customer in any meaningful way. Failure to make a good privacy policy could open a company up to possible lawsuits, fines, regulatory audits, and more. To improve a company’s privacy policy, companies should seriously consider the following tips.

  1. Simplify. Because a privacy policy is such a serious document, many companies create theirs so that they are filled with legalese and complicated constructions. This makes it difficult for regular people to actually read it. That’s why organizations need to make their privacy policies simple. There’s a reason so many people skip reading these policies or simply click the button indicating they have read it right off the bat. If a privacy policy is too complex or too wordy, it ceases to serve much purpose. Companies that make privacy policies that include a short form, highlights, and even visual icons make it a lot easier for their customers to understand. They also improve their own transparency.
  2. Give Options. Customers are naturally a bit nervous when they know a company is collecting their personal information. Some privacy policies go the extra mile by giving consumers choices in terms of how much data they allow to be collected. Companies with more effective privacy policies help customers determine when and how their personal data is gathered. Perhaps a consumer is only comfortable giving out the most basic information, while another is fine with an organization collecting as much data as possible. This varied approach instills more confidence in a business and helps customers stay in their own comfort zone.
  3. Make It Accessible. Also of importance is having a privacy policy that isn’t hidden away in some corner of the company’s website. Many businesses treat privacy policies as a nuisance despite their importance. Once a privacy policy has been agreed to, companies tend to think it’s a done deal. However, many customers would like to refer back to the policies they’ve signed (electronically speaking). If the privacy policies are placed in an area that is easily accessible and prominent, this won’t be a problem. Businesses should also provide helpful reminders about elements of their privacy policies as customers continue to use products and services put out by the company.
  4. Do Not Copy. Each company’s privacy policy should also be specifically tailored to the company in question. Needless to say, every business has different needs and privacy considerations to take into account. Many companies, however, simply cut and paste the policies used by other businesses. Such a strategy only opens up more legal risks and even sets the company up to be found guilty of negligence regarding the proper use of customer data. Companies should take the time to write their own policies and avoid the easy way out.
  5. Seek Input. Privacy policies shouldn’t be taken lightly. They also need to cover a lot of ground, especially if the organization writing it is a sizeable one. There are many areas of a business to consider when writing a privacy policy. Those areas include human resources, public relations, sales, accounting, and more. All may make use of customer information, and all will likely have an idea of what they would like include in a privacy policy. Companies should seek input from these departments before forging ahead with a policy. Failing to do so could result in an unfortunate blind spot in a privacy policy.

Too often, privacy policies are glossed over by companies. However, with the increase in the amount of data being collected, and the use of data tools to analyze it, concerns over privacy and security have been on the rise as well. Companies will need to take an evenhanded and level headed approach to crafting their privacy policies, ensuring their informative for customers and protective of sensitive data.