In this article you'll find steps and knowledge on:
- Why you ought to have one
- Guidelines for creating a policy
- Link to an automatic policy generator
What cookies are?
What info is collected?
What is through with the information?
How to reject / delete / accept cookies?
Explain that there are not any harmful technical consequences/ risks
Create a far better electronic environment on the web
Laws / legislation may pertain to your business
By letting people know what info is collected and what's through with that information, you'll create a transparent environment during which people / consumers are more confident. you'll eliminate stress and concerns about abuse of private info.
Various legislations and legal guidelines, for instance within the US and within the UK, are being developed and should affect your website, counting on what information you collect, how you are doing it, and what you are doing with it. the ecu Union has developed similar guidelines that contain a touch an excessive amount of legal rhetoric to be completely useful.
See resource list below for reference websites.
Your policy should be written in plain readable language. Consider the policy to be a neighborhood of your site. Design the policy and publish it just like the remainder of your site. Design it as if you really want people to read it. Make it short, friendly & intuitive. It should be easily accessible throughout your site.
Tell your visitors why tracking cookies are good, why the knowledge is useful , that it's wont to improve websites and their content. Give an example. If you're collecting information, tell them what you are doing thereupon information. Give people a chance to not have their info collected, for instance by blocking cookies. Explain how people can block cookies. Also explain that cookies aren't harmful and can't introduce viruses or extract personal contact information.
Why all the fuss?
There is a crucial distinction to be made here between cookies and spyware. Spyware collects information about your surfing habits across the web and sends this information out from your computer. Cookies collect information about your surfing habits only on the location of the provider of the cookie, in other words just on one site.
From our research it appears that the majority people are concerned that their personal information could also be passed on. during this case, there's a crucial distinction to form between Two sorts of Information which are collected:
Personally identifiable info/ personal contact info
Clickstream/ navigation info
Specific to concerns about cookies, the knowledge being collected doesn't contain personally identifiable information. Clickstreams are wont to see if people return to an equivalent sites, and identify patterns.
When databases are combined, for instance a membership & login base, with a clickstream tracking system, it's possible to mix personal information, like an email address, with clickstreams. this is often where the most cause for concern seems to lie.
The companies that do this; with the resources to mix clickstreams, past purchases, and private information, are household names, like amazon.com, ebay, bbc, yahoo, etc.
1. Collect information from it's viewers. this will be as simple as having a form to feature a viewer to a mailing or subscription list, to complex forms for shipping orders.
2. If your site uses affiliate advertising like Google AdSense, Amazon, and Commission Junction
1. Contact information for a user to succeed in you if they need any concerns or questions
2. Information on how a subscriber can unsubscribe
3. What information is being collected and why
4. What measures you are taking to secure any personal information
5. How is that the information being collected ( subscription forms, list etc)
7. Any changes to tracking activities
8. Are you passing information on to a 3rd party source, and if so then who
9. Can your subscribers update and consider their information
Before you enter your name, address or any other data in that form, STOP! Wait. Don't enter anything yet. If you do, you may be giving away personal information to strangers, and you know what your mom said about talking to strangers.
Okay, back up a minute. You want to buy a new necklace for your wife at that great dot com you recently found. They require you to fill out a form first - your name, address, phone number and credit card information. They also want your email address, gender and income range.
So you know these people? Think about it for a minute. How many of your friends (even your best ones) have you told your true age or how much money you make. Have you divulged your credit card data to your co-workers at work? Perhaps you give your social security number to the kid at the McDonalds?
I didn't think so. Then why do you insist on giving this data to a faceless computer? You don't have any idea who is on the other side of the screen - yet every day you give away information that you would never dream of telling your parents or best friends.
Before typing in the information look around the site until you find a link named "privacy". Usually it is on the bottom of the home page (at least), and good sites will have a link to it from EVERY page. Click on the link and read the policy from start to finish. Make sure you understand it - if there are any words you do not understand pull out your handy dictionary and check them out. Once you are done, read it again. Slowly.
What's so important about this that it requires all this work? Look, you are giving out personal data about yourself. The web site owners have an obligation to inform you how this data is going to be used.
How do you get in contact with the owners of the company?
How do you erase your private data or remove yourself from mailing lists?
Are they going to keep your information to themselves or sell it to third parties? If so, can you stop this and how?
What are they going to do with your credit card data? How do they keep it safe?
Why do they need the information? For example, our site asks each person who signs up for an award their age. Why? Because the COPPA law does not allow us to collect information from people under 13 years old. How else are you going to ensure you are in compliance with this kind of law except to ask?
Do they make use of your TCP/IP address and other similar information, and if so what is it used for? Virtually every site logs this data, but rarely is it used for anything except mass statistics and error checking.
If the site has third party advertisers, banners, web bugs, banners and so on, what similar information is available for how they use any information? This is most pertinent for cookies and TCP/IP data that is automatically logged. At the very least, their should be links to third party sites so you can look at their privacy policies also.
Are there any special relationships such as partners who use the information also? If so, how is that information shared and used? If the web site asks for information, how do they ensure that COPPA (a law which attempts to ensure that information is not gathered from minors without their parents permission) is adhered to.
Under what conditions will you receive mailings and how do you opt- in and out of them.
Alter the policy to comply with the following requirements:
* Describe how users can use browser settings to manage their privacy, such as by disabling cookie support for specific sites.
Note that Google does not offer specific examples of compliant privacy policies, nor do they offer specific legal advice on what to place in your policy. All they do is state their requirements, it's up to you to come up with a suitable policy. That's why you'll usually start by modifying someone else's already-published policy and adapting it to Google's requirements. (If you rely on a legal firm to develop a policy for you to use, be sure to pass those requirements to them so that they can be incorporated into the legal documents they create.)
Privacy policies usually contain details about what sorts of personal information are collected, how the private information could also be used, the persons or parties to whom the knowledge could also be disclosed and therefore the security steps taken to guard the private information.
How do I generate a personal policy for my website?
4. Provide details about the knowledge collected from users visiting your website. Visitors have a right to understand what information you're collecting. for instance , are you collecting personal details by asking them to finish an information request form or service application? you ought to also disclose whether your servers log visitor information like host names and IP addresses.
5. Present the method(s) you employ to gather information and whether the knowledge you collect is automated. this sort of data will provide your visitors a more complete idea of how you collect information.
6. it is vital for your visitors to know how their information is stored by your company. they have to understand where their information goes after it's collected and receive assurance that their personal information are going to be handled during a safe and secure environment.