Digital risk is one of the substantial risks for any business. Having an online presence, carrying online transactions, files, or storing data and records on computer systems opens up cyber risk. However, privacy is also another crucial factor. Today, people care a lot about their privacy, especially when sharing their personal information online. So what is a privacy policy, and how does it protect your personal information and run away from becoming a victim of a cyberattack?
Privacy policy
A Privacy Policy is a statement, a notice or a legal agreement that explains what types of personal information a website will gather from its visitors, how it uses this information, and how it keeps it safe. Generally, data and privacy laws apply to specific services targeting people of a region, which effectively means that a law may apply to a business whether it’s located in the area or not.
As a business owner, why do you need a Privacy Policy?
-
It’s required by law.
The primary reason why you need a Privacy Policy is that you probably do need it. The New Zealand Privacy Act 2020 is the most recent and significant update to New Zealand privacy law and follows closely the example of other national laws introduced in Europe (GDPR), Asia (India, South Korea, Japan), South America (Brazil, Chile). There is currently no data privacy law on the federal level in the USA, with different regulations that vary significantly in terms of scope, applicability, and penalties between the different states. The California Consumer Privacy Act, however, has many provisions that overlap with GDPR.
-
Third-party services require it.
You may not be aware of this, but most of the third-party services are commonly used on websites requires that you have a valid privacy policy in place in order to comply with their terms of service. For instance, If you are using Google AdWords or Google Analytics, you must have a privacy policy that contains all the specific information about your use of their services, plugins, SDKs, and so on. Failure to do so means violating their terms, which could lead to you not being able to use their services.
-
It helps you be transparent.
No doubt having a privacy policy is so significant from a business perspective as well. To be transparent with your website visitors and build a relationship of trust, especially since people increasingly value their privacy. However, a website that does not inform its user while collecting its data may look untrustworthy. So don’t let this be the reason for your business loss to your competitor.
As a user, why do you need a Privacy Policy?
-
You have your rights.
Under the NZ Privacy Act, agencies (organisations and businesses) have to respect your personal information, any information that can identify you as an individual.
-
You have your responsibilities.
You are the person best able to protect your privacy. You can do this by knowing your rights, being aware of the risks and knowing how to avoid them.
What to expect in a Privacy Policy?
Generally, a Privacy Policy includes:
- The types of information collected by website, app or service
- The reason for collecting the data
- Data storage, security, and access
- All essential details of data transfers
- Affiliated websites or organizations (third parties included)
- Use of cookies
- The contact details of who to ask for clarifications or to exercise your rights.