What is a Privacy Policy?

A company Privacy Policy explains the methods adopted by an organization in handling customers, clients, or employee details gotten in its operations. The Privacy Policy declares the policy of a firm or website in its collection of information and the release of that information about a website visitor. Usually, it declares the exact information collected. Also, it states if the details collected are sold to or shared with other researchers, sellers, or firms and if it is kept confidential.

How Does a Privacy Policy Work?

Privacy policy, in Law, is a legal document which reveals certain or every way a party gathers, reveals and manages the data of a customer. The specific contents of a privacy policy always depend on the applicable law and these contents may have to address the prerequisites of different jurisdictions or countries. The majority of websites allow free access of their privacy policies to their website visitors. All personally identifiable details that are gathered should be specified by the privacy page. These personal details include name, credit card number, and address. Also, other details such as uploads, browsing habits, downloads, order history, and cookies should be specified. The policy is meant to explain if data such as cookies will be stored on a users personal computer. According to best practices, its mandatory for the policy to reveal if data would be sold to or shared with third parties and in a case where it occurs, its purpose should be stated. The contention between privacy policies being legally binding or not and consistent enforcement have not been agreed upon. In the U.S., the enforcement of industry self-regulation and existing laws are promoted by the Federal Trade Commission (FTC). For the FTC, once money is not lost during a breach, legal actions are not executed as a result of data breaches. The Data Protection Directive of the European Union has questioned a company such as Google concerning privacy changes which violated the E.U. law. Hence, threatening penalties on the big company. Seal programs or online certification are instances of industry self-regulation of privacy policies. Usually, seal programs demand fair information practices implemented in which the certification program is the determinant. Continuous compliance monitoring may be required as well. TRUSTe was the first online privacy seal program and by 2007, it comprised over 1,800 members. Trust Guard Privacy Verified program, Webtrust, and eTrust, are other online seal programs.