A "How Do We Collect Your Information" clause outlines your methods of gathering personal information, thus contributing to GDPR and various privacy law compliance. Transparency with customers and trust-building hinge significantly on this clause, regardless of business size.

Understanding this clause is crucial for legal protection and fostering a credible business image. This article aims to dissect what goes into the clause, its importance, and provide guidance on crafting it to suit your distinct needs.

Our Privacy Policy Generator makes it easy to create a Privacy Policy for your business. Just follow these steps:

  1. At Step 1, select the Website option or App option or both.

    TermsFeed Privacy Policy Generator: Create Privacy Policy - Step 1

  2. Answer some questions about your website or app.

    TermsFeed Privacy Policy Generator: Answer questions about website - Step 2

  3. Answer some questions about your business.

    TermsFeed Privacy Policy Generator: Answer questions about business practices - Step 3

  4. Enter the email address where you'd like the Privacy Policy delivered and click "Generate."

    TermsFeed Privacy Policy Generator: Enter your email address - Step 4

    You'll be able to instantly access and download your new Privacy Policy.



What is a "How Do We Collect Your Information" Clause?

A "How Do We Collect Your Information" clause, found within a website's Privacy Policy, delineates the methods used to collect personal information from users.

It typically covers the types of personal information collected, the reason for collection, and the precise means of acquisition. Incorporating this clause into your Privacy Policy is paramount for comprehensive data transparency.

Is a

Yes, a "How Do We Collect Your Information" clause is a legal requirement. Privacy laws across the globe mandate this transparency in data collection, including the General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Act (CCPA/CPRA) in the U.S. just to name a slight few.

The primary motivation behind these laws is to ensure that users have control over their personal information. They highlight the necessity of informed consent.

Users have the right to know what personal information of theirs is being collected, how it's collected, and for what purposes.

For instance, under the GDPR, organizations are required to disclose the 'source' from where they collect customer information. In the United States, the CCPA necessitates businesses to be transparent about their data collection processes.

Hence, including this clause in your Privacy Policy not only fosters trust but also keeps your business in line with global privacy laws, reducing potential legal risk while boosting compliance.

What to Disclose in Your "How Do We Collect Information" Clause

What to Disclose in Your

Creating an inclusive "How Do We Collect Your Information" clause involves detailing the processes you employ to gather personal information. The following information should be included.

Categories of Information Collected

Identify the types of personal information you acquire, such as names, email addresses, device information, IP addresses, geographical data, or user browsing records. Ensure all aspects are covered, as The Gold Standard does below:

The Gold Standard Privacy Policy: Collection of your personal data clause

Data Collection Methods

Clearly define the methodologies employed for data collection. This usually involves two primary methods.

Directly From Users

Instances where users willingly provide their information should be stated. Examples include account registration, newsletter subscription, transaction completions, or contact form submissions.

Here's how Mika Myers lists this information:

Mika Myers Privacy Policy: Volunteered Data and Information clause

Automated Data Collection Techniques

Details of any automated means of data collection should be mentioned, as seen below:

Mika Myers Privacy Policy: Data collected automatically clause

Here are some examples of common methods used to automatically collect data, and how you can present this information in your Privacy Policy.

Cookies: Elucidate how cookies are utilized to gather data on user preferences or browsing habits.

Mika Myers Privacy Policy: Cookies and Tracking clause

Analytics Tools: Indicate if you employ services like Google Analytics to acquire cumulative data on site usage like Arkatechture does here:

Arkatechture Privacy Policy: Analytics tools clause

Server Logs: Disclose if you gather data such as device info or IP addresses from server logs as you can see from this Mancan example:

Mancan Privacy Policy: Automated data collection clause

Third-party Data Collecting: If data about your users is acquired from third-party sources like advertising networks or social media platforms, it should be mentioned. Disclose who these third parties are and the type of data they provide.

Mika Myers Privacy Policy: Data from Third Parties clause

Remember, your goal is to offer a transparent and complete understanding of your data-gathering practices. This not only builds trust with your users but also adheres to your legal responsibilities under global privacy laws.

How to Write a "How Do We Collect Your Information" Clause

How to Write a

Privacy laws mandate that websites disclose how they gather user information in their Privacy Policies, and this disclosure must be easy to understand for all users. For instance, the GDPR mandates it to be done in a "concise, transparent, intelligible and easily accessible way."

Hence, when writing this clause, you need to ensure clarity and simplicity, avoiding complex and confusing language to ensure user comprehension and legal compliance. Remember that if the clause is not easily understood, it could cause legal problems in the future.

A 'How Do We Collect Your Information' clause should also be tailored to fit your company's way of doing things, though there are common formats to consider, including paragraphs being incorporated into other clauses and a list of bullet points.

Use Short Paragraphs

Short, simple language paragraphs are most effective. Also, it's helpful to break up the text with white space or visuals for readability.

Here's an example of a paragraph format from Align Pay:

Align Pay Privacy Policy excerpt

LinkedIn uses subheadings to categorize the data collected, followed by examples and short descriptive paragraphs:

LinkedIn Privacy Policy: Data you provide to us clause excerpt

Short paragraphs of three or fewer sentences also help maintain user engagement.

Use Bullet Points

Bullet points are favored for their ability to handle a large amount of personal information in an organized and concise manner.

MeWe uses this approach to outline its data collection methods in clear, concise sentences:

MeWe Privacy Policy: How we collect your personal data clause

Here's how Pepsico uses bullet points to set out information in a way that's directly to the point and easy to take in:

Pepsi Privacy Policy: How do we collect information clause

Don't Use Legalese

The clause should be devoid of jargon or industry terms. Make it so that your average non-lawyer reader can understand what the clause is saying. Content should also be focused on short, concise sentences and sections.

Google's Information Google Collects clause is an excellent example of clarity:

Google Privacy Policy: Information Google Collects clause with video intro

Combine With Other Clauses

Merging this clause with others in your Privacy Policy, such as what information is collected, can create a comprehensive picture of data collection.

This technique can contextualize the types of personal information collected with the methods and timing of the collection.

American Blanket Company combines the methods of collection of personal information and the categories of personal information in its Privacy Policy as seen below:

American Blanket Company Privacy Policy: What information do we collect clause

In summary, when writing this clause, ensure it is easy to understand, contains relevant information, and is well-formatted for readability and comprehension.

How Do I Display a Privacy Policy With a "How Do We Collect Your Information" Clause?

Displaying your "How Do We Collect Your Information" clause starts with embedding it within your Privacy Policy. However, merely including the clause in your Privacy Policy is not enough.

The Privacy Policy needs to be prominently displayed on your website or app to ensure that users can easily find and review it. To ensure comprehensive visibility and legal compliance, you can place your Privacy Policy in the following locations.

This is a common practice as it allows the policy to be accessible from every page on your site. Users typically expect to find legal information in the footer, making it a practical spot.

Here's how Wolverine does this:

Wolverine website footer with Privacy Policy link highlighted

During User Account Creation

Displaying a link to your Privacy Policy along with text urging users to review it during the account creation process ensures that users are aware of your data practices before they share their personal information with you.

BitChute places its Privacy Policy conspicuously on its registration form:

BitChute Create Account form: Privacy Policy link highlighted

Checkout or Transaction Pages

For ecommerce sites, display a link to the Privacy Policy at checkout. This is especially important if you're collecting payment and address information.

Tervis does this well in the following screenshot:

Tervis checkout form with Privacy Policy link highlighted

On Email Subscribe Forms

If you're collecting personal information via forms such as email subscription forms, a link to your Privacy Policy should be present to make the user aware of data handling practices.

Here's how The Daily does this:

The Daily email sign-up form with the Privacy Policy link highlighted

Summary

A "How Do We Collect Your Information" clause is a vital part of a Privacy Policy, stipulating the methods through which user data is gathered. It is legally required by privacy laws such as the GDPR and CCPA (CPRA).

The clause must be clearly written and easy to understand, using common language. It can be presented in various formats like paragraphs, bullet points, or even integrated with other clauses. The important thing is that it maintains readability and transparency.

The clause and the Privacy Policy should be prominently displayed in numerous spots across your website or app to ensure easy accessibility. These can include your:

  • Website footer
  • User account creation page
  • Checkout page
  • App store descriptions
  • Data collection forms

Our Privacy Policy Generator can create a professional, tailored Privacy Policy based on your unique business requirements. It's a powerful tool that helps you ask and answer the right questions about your data practices.

We also offer a free Sample Privacy Policy template available for download. These resources can help you build a trustworthy relationship with your users while staying compliant with privacy laws.

Privacy Policy Generator
Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy