Describe how you share information about your visitors/customers. This should include marketing activities performed by you (e.g. marketing emails, newsletters, sales calls, etc...) as well as how you share information with other organizations (e.g. soliciting quotes from a third party on a client's behalf). Be sure to disclose if you sell or disclose contact or other personal information to a third party. Also inform the visitor/customer if their explicit consent will be required before their information is shared.
Describe methods that may be used to opt-out of marketing emails/newsletters and other marketing activities as required by CAN-SPAM laws.
If your website is targeted towards children under age 13. Be aware of, and ensure your privacy practices comply with the Children's Online Privacy Protection Act (COPPA)
Have your policy reviewed by a qualified third party and by a legal professional. Having your policies reviewed by a third party will allow you to obtain a seal of approval. This can provide added credibility to your site. In addition having a legal professional review your policies will help determine if your policies are adequate.
Finally, make sure you, and your organization, follow the policies that you have established. Failure to do so may result in investigation by the Federal Trade Commission, litigation, or fines.
While risk management techniques, such as privacy policies, are essential to protecting your organization, we believe that organizations should also obtain cyber liability insurance. To learn more about cyber liability click here or call us at (801) 506-5060.
Additional Information may be found here:
- US Small Business Administration: Privacy Law
- US Small Business Administration: Online Advertising Law