22 December 2020
The U.K., Canada, and Australia laws also require Privacy Policies.
Enter your email address where you'd like your policy sent, select translation versions and click "Generate."
This kind of clause makes it clear to users what personal information you need for your website or mobile app to function properly and allows users to determine whether they are comfortable giving that information to you.
Other Privacy Policies contain more detail. SurveyMonkey gives a complete list in its agreement:
A detailed but incomplete list of types information collected can work against your business more than broadly described information types.
Under its section "How We Collect Information", Trello explains that it collects information in two ways:
Like the type of information collected, these are also detailed sections.
Clauses regarding information collected just by using the Trello app mention Google Analytics and IP addresses. The clause also clarifies that this collection usually collects non-identifying personal information:
Information provided directly by users could seem self-explanatory. After all, many businesses request names, email addresses, user names, and payment information.
Explaining why you collect data and what you do with it also provides additional liability relief. Depending on your business, you may have several purposes for collecting information from users.
The "What we're doing with the collected information" section is best written in detail since you do not want to be accused of using personal data inappropriately.
Trello does not have a separate "Cookies Policy", but in its section on collecting information, it mentions cookies. It explains that cookies help with analytical data and users have an option to refuse them (but by doing so there's a likelihood that Trello may not work properly).
Advertisers, analytics apps, and social networking apps (Facebook, Twitter) are third parties who may access the collected data or collect data through your website or mobile app.
AOL addresses this regarding advertisers but also third parties that help the AOL website function:
Unlike Terms & Conditions, Privacy Policies do not normally contain provisions on governing law.
That said, privacy is often a contentious issue and disputes can arise. For that reason, "Governing Law" provisions are replaced with clauses regarding dispute resolution.
If your company merges with another or is acquired by a larger entity, your users will likely feel concerned about the continued handling of their information.
The method you chose for notifying your users about changes can be described by you in the agreement.
Due to anti-spam laws in several nations, such as CAN-SPAM in the US, you need to be careful sending users unwanted email.
Microsoft includes a section to comply with CAN-SPAM in its "Privacy Statement":
The Child Online Privacy Protection Act (COPPA) is a U.S. law that places additional requirements on web service providers who cater to children. COPPA applies to children under 13 who live in the U.S.
Websites or apps that are only available to adults or those over 13 generally include that there's no intention to collect information from those under 13.
The Public Broadcasting Service (PBS) runs a "PBS Kids" page designed for children. A detailed COPPA page explains that data is only collected with the consent of parents or guardians and extra protection is taken in account:
Users can delete their accounts with you or you may act on your Terms & Conditions and deny access to a user who violated your rules.
The normal course of action is to retain personal information only as long as necessary and destroy at the end of that time period, but compliance requirements may compel you to keep it longer.
Large companies generally afford to have separate departments for these inquiries, especially if the company takes a Privacy By Design approach.
This article is not a substitute for professional legal advice. This article does not create an attorney-client relationship, nor is it a solicitation to offer legal advice.