Author: Donna Chesteen, Esq.
Most privacy policies contain the following kinds of information, at a minimum:
· The kinds of data that are being collected
· How the data is being collected
· How the data is being used
· If the data is shared, with whom
Personally identifiable information (also known as PII) is any piece of information that can be used to identify a user as an individual or that can be used to contact a particular individual. Examples of PII are the user’s name, the user’s email address, the user’s phone number, the user’s mailing address, or a user name and password. PII is usually collected when the user fills out a form and provides this information. It is generally used to contact the user or to create an account so the user can be remembered every time that user visits the website or uses the mobile app.
Websites and mobile apps typically also collect another kind of information: non-PII. Non-PII is usually collected passively (that is, without the user’s explicit consent) but does not contain any personally identifiable information. (The most well known method of collecting non-PII is a web browser cookie.) Non-PII is most often used for data analytics to help the website or mobile app customize its settings to provide a more personalized experience or to track the demographics of its users.