Today, we’ll be looking at privacy policies and the latest business requirements when using and storing customer data.
With GDPR fines increasing by 40% during 2020-2021, understanding your compliance requirements is more critical than ever.
Let’s dive in.
- Next Steps
Regardless of your location, if you operate online, you are likely covered by at least one set of compliance requirements.
The most well known include:
- Europe – EU General Data Protection Regulation (GDPR)
- USA – California Consumer Privacy Act (CCPA)
- Brazil – General Data Protection Law (LGPD)
- Canada – Consumer Privacy Protection Act (CPPA)
If you have customers across multiple locations, you must follow the specific data privacy laws that protect each geographical group.
These laws apply across your marketing assets, including online chat, lead magnets, analytics and online advertising platforms like Google, Facebook and Linkedin.
Privacy policies are legal documents that let your customers know what data you are collecting from them and how you plan to store and share their personal information.
Typically you will outline how long you plan to retain their information and the security measures you have in place. The exact details will depend on the regional requirements covering your customer locations.
Personal information can be anything that can be used to identify someone, like name, address or credit card.
More and more online consumers are paying attention to privacy policies as cyber-attacks become more commonplace. 87% of respondents surveyed by Mckinsey stated that they wouldn’t do business with an organization if they had concerns about its security practices.
Without one, you could be subject to fines for noncompliance.
Privacy policies can vary in length and detail, but they are generally expected to include several key elements:
- Introduction: An overview of your organization and any subsidiaries and an outline of the scope of the policy.
- Information collected overview: A listing of the data collected, such as personal information like names, email addresses, and other contact information.
- Information usage and storage: Defines how your organization uses and stores the collected information in accordance with privacy and security regulations. This can also include elements of the visitor’s data rights and how to view and update their preferences.
- Contact details: How to contact the organization with questions or requests for the data held about a customer, or how to exercise one of their other data protection rights.
Your options include:
Do it yourself using a template.
It can be tempting to use a free or purchased template or even to copy an existing policy. However, this approach comes with the possibility of missing or misinterpreting key information and putting your business at risk of noncompliance.
Hire a lawyer.
Partner with a data privacy compliance expert.
At Dataships we partner with companies to fully automate their compliance requirements. Our system takes care of customer data requirements from first touch to last – no matter where they are in the world.
Our team of experts is on hand to talk through your current compliance strategy and talk through your options if you’d like to set up a quick call.
Want to learn more about how to ensure your organization is using data for marketing purposes correctly and effectively? Download our “Direct Marketing Checklist.