Privacy policies cover how and why you collect and process personal data, also known as personally identifiable information. This can include phone numbers, email addresses, credit card information, and biometric data. It also includes information about a user’s device, like IP address and browser type. When pieced together, this data can identify an individual, and therefore must be protected.
- Your contact information
- User data collection and the purposes behind it
- Data processing, storage, and sharing
- Data retention and deletion
- Your users’ data rights and how they can exercise them
- How to submit a complaint
- Details of any changes to the policy document
This isn’t an exhaustive list. If your website visitors include children, for example, you’ll also need to include a disclaimer on children’s rights and what this means for both children and parents. In areas where California’s CCPA applies, you’ll need a section that covers the sale of data and how to opt out.
Depth of Information Provided
There’s a real mix of approaches when it comes to privacy policies. Some are no more than a few lines of generic text, while others feel like an endless scroll through dry and irrelevant language. Aim to deliver enough information to satisfy your users’ needs and rights, but without it feeling like a chore to read.
Helpful Media Content
As one of the most well known travel organizations out there, it’s essential for AirBnb to have a set of legal policies that both protects themselves from any potential issues and gives their customers the information they need in a simple format.
With such an international customer base, Slack recognizes the importance of reassuring users that their data is transferred between different countries safely. This section is both to demonstrate website compliance with privacy laws like the EU’s GDPR, and also to provide useful information to users who might be comparing Slack with a competitor that isn’t as transparent about data transfers.