Legal and data protection research writer at TermsFeed.
On this page
- 1.1. You're Collecting Personally Identifiable Information
- 1.3. Protect Yourself from Liability
- 2.1. The Information You Collect
- 2.2. How the Information is Collected and Used
- 2.3. Information You Disclose or Share
- 2.4. How Customers Can Update and Access Information
- 2.5. How You Protect Personal Information
- 2.6. List Procedures for Opting Out
- 4. Summary
At Step 1, select the Website option or App option or both.
Answer some questions about your website or app.
Answer some questions about your business.
In addition to the fact that Privacy Policies are now required by major privacy and data protection laws worldwide, they also protect dropshipping company owners from liability. Let's talk about specifics.
You're Collecting Personally Identifiable Information
Under privacy laws, personal information includes all data used to locate, identify, or contact an individual. Just some of the kinds of data that can be considered "personal information" includes the following:
- Credit card numbers
- Screen names
- Telephone numbers
- Biometric data
- IP addresses
- Physical addresses
- Sexual orientation
- Date of birth
- Political affiliations
- Religious affiliations
- Full names
- Passport numbers
Now, this isn't a complete list of the kinds of data that comprises "personal information" under the law, but you get the idea.
- Several Asian countries, including South Korea, Singapore, Vietnam, and Malaysia, all have personal data protection acts (PDPAs) that also require companies to have a PP.
Protect Yourself from Liability
Since most major countries have enacted privacy legislation, if you continued doing business without complying and a customer decided to take you to court, you'd be up a creek without a paddle. You would be completely unprotected.
The Information You Collect
For instance, if you collect names, email addresses, telephone numbers, and credit card numbers when someone makes a purchase, you need to let your customers know that.
This is how Sunrise Wholesale lists the kind of information it collects:
Here's an example that has more details and information in an organized format:
How the Information is Collected and Used
Some Privacy Policies include the "how" with the "what" of data collection in the same section. However, others separate the "how' in a section all to itself. Again, being as specific as possible is better than talking in generalities.
Here's an example of a clause disclosing this:
Disclose how it will be used as well, as seen here:
Information You Disclose or Share
Remember that some companies share personal data with third parties with whom they are affiliated. Sometimes they do so as a matter of legal process. Occasionally personal data is sold to third parties, too. You need to detail what information is shared or sold and under what circumstances. You should also be as clear as possible about the nature and identities of the third parties with whom you share information.
Here's how ASI, an IT and software dropshipping company, discloses this information.
Here's another example with additional details and information:
How Customers Can Update and Access Information
Under current privacy laws, customers have the right to access the private information you've collected from them. They also have the right to correct it if it's not right, and they also have the right to have you delete that information.
Here's an excerpt of a clause dislcosing rights:
Many dropshipping companies comply with the law simply by letting their customers know that they have these rights and giving some information on how they can be exercised.
Shopify lets customers know how this information via a detailed clause seen below:
How You Protect Personal Information
Teledynamics lists how it protects customer data like this:
List Procedures for Opting Out
You're required to give customers a way to say "no" to accepting emails, cookies, and other communication and data collection efforts, as well as sharing and selling of personal data. If you don't provide your customers with a straightforward way to opt out of your communications or data collecting efforts, you're opening yourself up to liability. You could face significant fines.
Here's an example of how to disclose this:
Providing a way to opt-out also shows your customers respect. Just because they bought something from you once doesn't mean they are obligated to receive your marketing messages until the end of time.
Showing that kind of respect increases the likelihood that customers will retain a positive image of your brand even if they don't want you communicating with them right now.
Here's how Shopify let's people know that they can opt out of allowing tracking cookies to be placed on their devices:
Personal information includes such things as first and last names, email addresses, login information, telephone numbers, physical addresses, social security numbers, credit card information, and more.
- What personal information is collected, why the data is collected, and how the information is used
- How personal information is collected
- What types and categories of personal information are shared with third parties
- Whether personal information is sold
- How customers can access their information, correct it, or have it deleted
- How you protect your customers' personal information
- How customers can opt-out of communications or data collection efforts
- Detail your policies on updating your PP and how you notify customers when updates occur