If you’re selling goods or services online, chances are you’re dealing with your customers’ personal data. Because of that, you should include privacy policy, but it does not have to be a separate document. It can be a part of the terms and conditions, just labeled accordingly.
Here are some phrases a privacy policy should include:
- If a website does not require a client to accept (for instance by checking a check-box) a clause which states that the site is allowed to process personal data, for example when a customer creates an account or orders merchandise, then the privacy policy should have stated the following: “Use of this site requires personal data processing of a client in the following matter: … (for example: first name and last name, phone number, e-mail, billing address, etc.). Data will be processed by: … (merchants name) in a way that is crucial to agreeing on a contract, as well as its fulfillment. Transaction data, in that personal data, can be transferred for the benefit of Polskie ePłatności Sp. z o.o. located in Tajęcina 113 at Jasionka, zip code: 36-002, KRS: 0000227278, on the terms that it will beneficial on in service connected to order payments. A client has the right to see the content of his data and any corrections made to it. Sharing of information is voluntary, however, at the same time it is crucial to using this site” .
- Beside information that is mentioned in the above, there may be an optionally placed information stating that “Data will be processed by … (merchants name) for direct marketing purposes or for services provided by … (merchants name), hereby a client has the right to decline the right to processing his data in this manner”.
- Information stating that a merchant protects personal data from any form of unauthorized sharing, copying and taking by unauthorized personnel, processing in disregard to clauses, and changing, loss, defecting or destroying of data.
Make sure that your privacy policy ensures the confidential handling of all the customer data you receive.