Starting your own business is scary and challenging, especially when it comes to legal staff. Let’s chat about data, clients, and ways to mitigate privacy risks from point one.
So you’ve built your website, found perfect colors for your brand book, and found first clients. Good job!
At some point (and believe me, better earlier than later) you found that your state of art website is missing privacy policy. Any ideas of what to do?
The most common answer is open Google and copy-paste a privacy policy from the well-known website you use often and presume that their lawyers know better. This is risky and tricky.
Privacy policy in the essence is an explanation of what your business is doing with collected data from people’s interactions. Moreover, multiple regulators internationally require that privacy policy should be written in plain language and in the way understandable to your user. So as you build your brand for your target audience, build your privacy policy the same way.
Some simple steps to start with your privacy policy:
1. Data mapping
Define what kind of data you collect (emails for newsletters, names, and mobile phones of your prospects, social media profiles, ads data from cookies). Creating the simple list of types of records you have in place will help you navigate a lot of matters moving forward (so keep it handy).
2. Data Minimization
Consider collecting only data that is essential for your business. You probably can have only a zip code instead of a full physical address to know where your clients are coming from, right?
3. Opt-out
Make sure that your customers have the opportunity to unsubscribe, request access to the information your business holds about the user, or request a deletion of all the information you have about them. Be careful to comply with a legitimate request from the data subjects in a timely manner once you have them.
4. Cookies
Make sure to list what kind of cookies your website is using, the data collected and purposes of this data usage (targeted ads, website performance, analytics).
5.Vendors
You probably use analytics tools to measure your website traffic, payment processing systems to get paid by clients and marketing platforms to manage your email and social media campaigns. Simply list the vendors and functions covered by them in the separate section.
To sum up, a simple and clear privacy policy in plain language will increase trust and will make your business more credible instantly and will mitigate the majority of privacy-related risks. Make sure that your privacy policy is up to date with all your business changes such as a new campaign launch or partnership with another organization.
And remember, the safe ground is a key to your success, so consider speaking to your lawyer or privacy consultant first.