This article was provided by MacroTwin. Thank you for supporting the partners who make SitePoint possible.
Words and Actions That Can Put You at Risk
Here are five things website owners need to watch out for when drafting and managing privacy policies.
Guaranteeing That Visitors’ Personal Information Will Be Safe
Our website uses secure data collection, processing and storage procedures and other security methods to protect against unauthorized access, disclosure, change or destruction of your personal information, password, username, transaction information and data stored on our website and servers. Your personal information is safe and secure with us.
Should your visitors’ and customers’ personal information be made public because your website gets hacked, or because the information becomes publicly disclosed by other means, the fact that you used a provision similar to the one above could—in the United States—see you sued by the Federal Trade Commission (FTC), for violating Section 5 of the FTC Act, which prohibits unfair and deceptive practices in commerce. (Similar rules apply in other countries, as I’ll discuss below.)
The FTC has also taken legal action against companies that have made exaggerated statements in their websites’ privacy policies—statements that can’t be verified. Always make sure you can keep any promises made in your policy.
Promising to Not Share or Sell Your Email Address and Personal Information
“We will not share or sell your email address and personal information.” This is a common statement you’ll find in most privacy policies, because it’s a reasonable promise that makes visitors and customers feel comfortable giving you their email addresses and personal information. Website owners like this, of course, because it helps them grow their email lists, which can be one of their most important assets.
You could send notice to your entire database asking for permission to sell or transfer their information to the new owners. However, you may not get a positive response to such a request.
Letting Your Guard Down After Your Company Files for Bankruptcy
Your users’ privacy doesn’t go out the window just because your company goes out of business. Few business owners consider the privacy obligations that still apply if their companies go bankrupt.