Web Site Privacy Policies – Example

Example of Privacy Policy:

We Collect

We consider “Personal Information” means any information that is linked to your identity such as your name, street address, telephone number, screen name, age and/or email address. CompanyEC.com may collect some or all of these types of Personal Information through a survey, questionnaire, promotions, or a registration form. CompanyEC.com requires registration in order for you to use your products and services or other activities such as viewing invoices or updating contact information.

In order to register on our site, we require you to disclose your name, street address, and email address. CompanyEC (CEC) will not collect any Personal Information from your visits to our sites unless you provide your Personal Information to us voluntarily, and we will not require you to provide more information than is necessary to participate in our web sites’ activities. We also do not collect financial or other sensitive data information about our users unless that information is voluntarily given during the ordering process.

Reason – We Collect

This statement is necessary as it describes what type of information we collect from our users when they are completing forms within the site. The reason for choosing this is that it is important information for CEC to have when processing customers orders. CEC makes all transactions online and through its website. In addition, it also collects information to monitor statistics and user activity throughout the website.

While CEC does mainly offer online services, the personal information is needed for invoices and for the sending of products to the customers via one of these methods mentioned above.

This portion of the policy is great to have to allow users to know what it is that we collect, why we collect it and why it is needed.

Security

All personal information, such as your name, postal and e-mail address or telephone number is considered private and confidential. This personal information is stored in a secure location, is accessible only by designated staff, and is used only for the purposes that you have given us permission for e.g. provision of services.

CompanyEC guarantees that no personal information will be released to an individual or corporation except when client authorization is received allowing the information to be released.

• We employ reasonable and current security methods to prevent unauthorized access, maintain data accuracy, and ensure correct use of information.
• Your personal data will be stored within a database that is located behind a firewall for added security. The server housing the database is physically protected at a secure, third party site and is monitored by security personnel twenty-four hours a day. Only authorized personnel can access the data center and the particular server housing the database.
• No data transmission over the Internet or any wireless network can be guaranteed to be secure. As a result, while we try to protect your personal information, we cannot ensure or guarantee the security of any information you transmit to us.
• We do not encrypt your normal web sessions with the Service using SSL. Any transmission to the CompanyEC website or service of credit card information uses SSL encryption.

Reason – Security 

“If you use SSL to transmit sensitive data, mention it here. Also, mention any steps that you’ve taken to protect customer data from hackers” (Allbusiness, 2010). With following this method mentioned above, this section is great to have as it allows for our users to know what it is that we secure and what we do not secure. In addition, it allows for our users to understand how we go about securing their personal information.

By users having a good understanding of what is considered personal information that will be secured, it will allow for them to make the select decision on whether they want to submit that information and other information. CEC collects lots of information from its users and not all of it is considered private and we do not go about securing it all. Being that a majority of the information isn’t going to affect the users security, we don’t secure it and through this section we inform the user of what it is that we will mark as personal and place it within our secured data center.

Third Parties

In the course of doing business, we employ other companies to perform a variety of functions on our behalf. For example, at times we may retain third parties to analyze, update and correct data we collect on our web sites, including Personal Information, to help us improve our products, our database and our web sites. In addition, we may share Personal Information with agents, suppliers, fulfillment houses and other third parties to allow delivery of information, products or services. These suppliers and other third parties may have access to your Personal Information if it is needed to perform their functions for CompanyEC, but they are not authorized by us to use your Personal Information in any way other than the intended use.

Reason – Third Parties

I chose this selection because it mentions that while we don’t sell information, we do have to hand some of it over to third parties to complete some orders. An example of this is when shipping items purchased through third parties for customers. I recently had to create a digital piece of work for a customer and then had to have that digital image blown up to a 36”x48” poster. The poster company that I utilized needed to know the customers information so that they could ship the poster to her location. The information that they needed to collect was her name, phone number and address.

“In some cases, depending on the nature of information, these third parties will also need to have a privacy certification” (eTrust, 2010). Once we hand over the information to these third party suppliers, it is out of our control on what they will do with that information. This policy statement allows for us to inform our users that we are not responsible for third party sites or company’s privacy policies. However, we will do our best to make sure that these companies are not soliciting our customers.

Contact Information

Should you have any questions or concerns about this Privacy Policy or the collection of information, please contact us at:

CompanyEC LLC. PO Box …

[email protected]

Reason – Contact Information

The reason for including the contact information is “If [the customers] feel that [our] privacy policy has been broken in any way, or if they have questions about [our] policy, they will want to reach [us] and should be able to do so easily” (Allbusiness, 2010).

This information is simple, but I find it to be an important aspect of the privacy policy as it allows for our users to easily contact us at the company for any concerns they may have.

Privacy Policy Changes

CompanyEC may change its privacy policy, but all changes made regarding disclosure of Personal Information to third parties will be made after notification through electronic means prior to the date the modified policy takes effect. Any new policy will have effect only, to information previously gathered without your express consent.

Reason – Privacy Policy Changes

Stating changes can be made at anytime to the privacy policy is the correct way to let users know that they should continue to view the privacy policy to be sure that they are up to date.

In addition, this section also allows for our users to know how they will be contacted and that they will be contacted when changes are made to the old policy that they agreed to.

By adding the date in which the policy was updated, it allows for users to stay informed on whether we made changes to the policy.

 

Credits

eTrust (2010). Privacy policy requirements. Retrieved September 17, 2010, from http://www.etrust.org/certification/privacy/privacy_requirements.html

Leiber, Nick. (2009). Why your web site’s privacy policy matters more than you think. Retrieved September 17, 2010, from http://www.businessweek.com/smallbiz/running_small_business/archives/2009/08/why_web_site_pr.html

Allbusiness. (2010). What a business web site’s privacy policy covers. Retrieved September 17, 2010, from http://www.allbusiness.com/legal/contracts-agreements-internet-legal/2639-1.html