Data privacy is in the news almost every day. As a result, people are becoming more and more wary of giving out personal information online. So, if your website or mobile app collects personal data from your users, you should provide a privacy policy to help them understand how you will use that data and give them peace of mind.

At the most basic level, a privacy policy is a legal agreement between you (as a website or mobile app provider) and your users that specifically spells out what kinds of data you are collecting and how you are using it. Although not yet required by law in most situations, you should provide a privacy policy for your users if you collect personally identifiable information.

Most privacy policies contain the following kinds of information, at a minimum:

· The kinds of data that are being collected
· How the data is being collected
· How the data is being used
· If the data is shared, with whom

Personally identifiable information (also known as PII) is any piece of information that can be used to identify a user as an individual or that can be used to contact a particular individual. Examples of PII are the user’s name, the user’s email address, the user’s phone number, the user’s mailing address, or a user name and password. PII is usually collected when the user fills out a form and provides this information. It is generally used to contact the user or to create an account so the user can be remembered every time that user visits the website or uses the mobile app.

Websites and mobile apps typically also collect another kind of information: non-PII. Non-PII is usually collected passively (that is, without the user’s explicit consent) but does not contain any personally identifiable information. (The best-known method of collecting non-PII is a web browser cookie.) Non-PII is most often used for data analytics to help the website or mobile app customize its settings to provide a more personalized experience or to track the demographics of its users.

One of the most important functions of a privacy policy is to inform users of how you plan to share their data. If you plan to sell a user’s data (especially a user’s PII), it is particularly important to let them know that. It is also important to let users know if you need to share their PII with third-party service providers such as credit card processors and IT personnel. Users should know enough about how you are using their data to make an informed decision about whether they want to use your website or mobile app and provide that information to you.

If you sell your app on the Apple Store, you are required to have a privacy policy. There are also federal regulations you must adhere to if you collect personal information from children, if your business is significantly involved in financial activities, or if you are a healthcare provider who collects health information. However, even if you aren’t required to have a privacy policy, it is just good business to make your users feel secure using your website or mobile app. A secure user is a happy customer!

For help with your privacy policy, contact me and we can get started today!


