16 Aug 2019, 10:00 — 8 min read
Also read: Top 5 reasons you need an ISO 9001 certification
The main sections of such a document are as follows:
As the name suggests, this section explains to the visitor the background of the business and information related to the website and its functionality. Any special conditions and terms associated with the collection of data from users have to be explicitly mentioned here. This section aims to act as a bridge between the user’s understanding of the concept and the legal terms which are to follow suit.
This section lets visitors know what kind of data will be collected by the website. While the form, which needs to be filled makes it obvious what type of information you will require, it is mandatory that you state the nature of data collected in this part of the document. Information regarding server identification, hostname and IP address tracking and data storage must also be reported here.
This explains the methods you will use to collect the information as mentioned earlier. The nature of the technique, whether it is manual or automatic, how the data will be processed, how the forms will be categorised, all such information allows the user to have a better idea of how his data will be collected and stored by the website.
How will the information be stored? If the database you use to store the collected data is based offshore, then you will need to register with the government of that country after looking into their privacy laws. If your servers are based within India, special permission is required to transmit data outside the country, even if its purpose is justified. Visitors to your website must be able to rest assured that every effort to store their personal information is being taken by your business.
Also read: Cybersecurity best practices to secure and empower your business
This part allows the entire process to be transparent as it allows the user to contact someone in charge in case something goes wrong or in case they have a query that needs to be addressed. Both an email address and a real-world address must be provided so that visitors can contact you via email or mail.
These include information collected during the sale of products and may be done through a mobile phone app, an online store, or PayPal. All such applications are expected to send information regarding licensing, version, and sales history to the centralised servers.
This deals with information regarding your employees and includes data pertaining to their health, financial, employment, and personal information.
The contact details you provide must be updated regularly, and every query must be answered within a reasonable amount of time.
Transactions and payments have to be extremely secure, and all information related to this has to be stored under lock and key.
Sit down and brainstorm about all the areas your business collects information in and use this list to formulate an ideal policy that identifies all the activities your company uses to collect data.
Evaluate your policy and make sure they cover all possible privacy implications and update the policy as and when required. While Cloud computing gives several companies instant access to many different kinds of information, it also complicates privacy issues that your business needs to handle. Even copyright laws may impact your privacy policies and hence have to be treated with great care. All information regarding the infringement of copyright must be reported. Privacy in business encompasses more than just protecting data associated with clients and employees and is a task that every organisation, must undertake,
irrespective of size.
The privacy policies are necessary for running any business. The policies should cover online and offline usage of personal information such as good and services activities, employers activities, financial activities, customer feedback activities. Update the policy when required and ensure that they cover the privacy implications. Sometimes even the copyrights laws also impacts on private policies and therefore it has to be taken great care. Every organisation should undertake the task of protecting the data related with the employees and clients.
Also read: Vendor Agreement: Why is it important?
To explore business opportunities, link with us by clicking on the 'Connect' button on our eBiz Card.
Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views, official policy or position of GlobalLinker.
Posted byVakilsearch Staff
Greetings! We would love to work with you and your company. We look forward to connecting with business houses and MSME's.
What Are The Sectors Where FDI Is Permitted In India?
6 Feb 2023, 12:04
GST Exemptions List: Latest Details
19 Dec 2022, 12:48
Most read this week
Please login or register to join the discussion