Last updated on 06 August 2021 by William Blesch (TermsFeed Legal and data protection research writer)
That might sound crazy, but many of these new laws demand that companies adhere to their rules and regulations whether your company has a physical presence in the geographic region those laws cover or not.
In addition to the fact that Privacy Policies are now required by major privacy and data protection laws worldwide, they also protect dropshipping company owners from liability. Let's talk about specifics.
Under privacy laws, personal information includes all data used to locate, identify, or contact an individual. Just some of the kinds of data that can be considered "personal information" includes the following:
Now, this isn't a complete list of the kinds of data that comprises "personal information" under the law, but you get the idea.
Since most major countries have enacted privacy legislation, if you continued doing business without complying and a customer decided to take you to court, you'd be up a creek without a paddle. You would be completely unprotected.
For instance, if you collect names, email addresses, telephone numbers, and credit card numbers when someone makes a purchase, you need to let your customers know that.
This is how Sunrise Wholesale lists the kind of information it collects:
Some Privacy Policies include the "how" with the "what" of data collection in the same section. However, others separate the "how' in a section all to itself. Again, being as specific as possible is better than talking in generalities.
Remember that some companies share personal data with third parties with whom they are affiliated. Sometimes they do so as a matter of legal process. Occasionally personal data is sold to third parties, too. You need to detail what information is shared or sold and under what circumstances. You should also be as clear as possible about the nature and identities of the third parties with whom you share information.
Here's how ASI, an IT and software dropshipping company, discloses this information.
Under current privacy laws, customers have the right to access the private information you've collected from them. They also have the right to correct it if it's not right, and they also have the right to have you delete that information.
Maybe that sounds difficult, but it doesn't have to be. Many dropshipping companies comply with the law simply by letting their customers know that they have these rights and giving some information on how they can be exercised.
Shopify lets customers know how this information via a detailed clause seen below:
Teledynamics lists how it protects customer data like this:
You're required to give customers a way to say "no" to accepting emails, cookies, and other communication and data collection efforts. If you don't provide your customers with a straightforward way to opt out of your communications or data collecting efforts, you're opening yourself up to liability. You could face significant fines.
Providing a way to opt-out also shows your customers respect. Just because they bought something from you once doesn't mean they are obligated to receive your marketing messages until the end of time.
Showing that kind of respect increases the likelihood that customers will retain a positive image of your brand even if they don't want you communicating with them right now.
Here's how Shopify let's people know that they can opt out of allowing tracking cookies to be placed on their devices:
Personal information includes such things as first and last names, email addresses, login information, telephone numbers, physical addresses, social security numbers, credit card information, and more.