Part of dotDigitalGroup Plc
Writing a user-friendly privacy policy
In summary, a privacy policy sets out who you are, how you will collect, use and store personal data and how a customer/contact can control that use of their personal data.
The law requires that you display a clear link to your privacy policy on your website, at all points of online data collection. Your privacy policy is your opportunity to build customer confidence and trust and make them feel good about doing online business with you.
A good privacy policy is easy to find, easy to read and explains all the web visitor needs to know about your approach to handling the personal data they supply you. It also serves as a promise to your visitors and customers that you will act according to the statements laid out in the policy. So be sure not to promise what you can’t (or won't) deliver!
Below is an outline of the content you should include in your privacy policy to ensure it is user-friendly and regulation compliant:
State what data you collect, e.g.:
    name and job title
    contact information including email address
    demographic information such as postcode, preferences and interests, transactional data
Explain what you do with personal data – and what you do NOT do.
State the physical address of the Data Controller.
List out your group companies, where applicable.
Explain how the personal data you hold is handled and processed.
State your policy on the use of cookies, i.e. how you use them and why.
State your policy on the transfer of data overseas (i.e. if you don’t do it, then state this).
Subject access arrangements - how a customer/contact can gain access to the personal data you hold on them.
Data security guarantees – i.e. the physical, electronic and business procedures in place to safeguard and secure the information you collect.
Links to other sites – i.e. where your privacy policy ends, e.g. "such sites are not governed by this privacy statement".
Definitions
Personal data
Personal data is defined as information about a living, identifiable individual - identifiable either from that data, or from other information which is likely to come into the possession of the Data Controller. It includes an expression of opinion about the individual and any indication of intention in respect of the individual.
Data Controller
The Data Controller is a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.