Privacy Policy (definition)
What is a privacy policy? Usefulness and elements
The privacy policy of a website is a legal document, published on websites, which specifies the way in which the website stores, processes and handles the data of its users or customers.
In other words, the web privacy policy is a contract in which the owners of the website commit themselves to keep the personal information of their visitors and users safe.
1. What is the privacy policy for?
The privacy policy serves, in fact, to explain how the collected data will be processed and used.
But it should also offer information for users to request removal of their private data, as well as options for updating their this information.
Although reading the privacy policy is something that all users should do, many of us don’t do it and end up accepting the rules, which means we will consent to the processing of our data on the websites we use.
2. What should a privacy policy include?
The privacy policy should clearly indicate, avoiding technicalities, the type of data that will be collected in the visits we receive, as well as the use that will be made of such data.
It has to be written in the most detailed and understandable way possible. A correct privacy policy should detail at least the following points:
- How the data will be processed and for how long the information will be stored.
- Type of information collected (name, emails, phone numbers, IP, etc.).
- How the information will be used (statistical, improving the user experience, email marketing, etc.).
- If the data will be transferred to third parties and how it will be used in such case.
- It should state that it can be updated in the future.
- It should include a real and agile form of contact, so that users can make modifications, updates or cancellations of the data collected.
- It should indicate the responsibilities and limitations of the users during the visit to the Website.
- It has to include information regarding the cookies policy.
- Any relevant information on how the data will be protected.
This policy varies depending on the country. In the case of Spain, for instance, after creating the document, you must register it with the Spanish Data Protection Agency (AEPD), where you declare the files involved in the collection of data.
At the same time, it is a very good idea for a company to publish its social responsibility, generally large companies do it and this can help us to differentiate ourselves.