Understanding Internet Privacy Policies

With data breaches hitting the headlines month after month, many Internet users have expressed serious concerns about sharing their information online. A company’s privacy policy can help you understand the types of information being collected, to whom that data is given, and how it will be used. However, most are extremely complex and difficult to understand. Any privacy policy should answer these essential questions:

What personal information is collected?

The website’s privacy policy should outline the types of information being gathered. This could include data such as: contact information, government-issued identification numbers, payment method details, education, work experience, income, and medical information.

Why is this information necessary?

You should understand why your information is being collected. If you’re making an online purchase, requiring you to provide your name, home address, phone number, and credit card information is reasonable. However, questions about what you do for a living and your household income aren’t necessary. If there are questions beyond those needed to complete your transaction, the purpose of collecting the information should be clearly stated. Look for the chance to opt out of providing unnecessary information, and consider taking your business elsewhere if you can’t complete the transaction without it.

Who will have access to your information?

Does the company share your information with affiliates inside their organization? Do they share data with any outside companies? What are the terms under which information may be shared with the government and law enforcement? If you ever have any questions about who your data is being shared with, contact the company and ask for more information.

How is your information used?

The privacy policy should disclose how the organization intends to use your information. Will it be used exclusively for this transaction, or will it also be used to market to you in the future? If a merchant plans to use your information in future marketing efforts, you should be given an easy way to opt out of those communications.

How can you opt out?

Look for opportunities to protect your privacy by calling a toll-free phone number or sending an email to opt out of future targeted marketing messages.

Can you review or correct your personal information?

Look for instructions explaining how to review or request changes to the personal information the company has collected from you.

Who is accountable for the company’s privacy practices?

Does the policy provide contact information for the individual responsible for the company’s privacy practices? Is there an easy way to contact this person by phone or email?

How long will the company honor their privacy policy?

Some policies come with an expiration date. It is important to know when and what will happen when this date arrives. Do they pledge to notify you if there are any future changes? Will they offer you a chance to opt out of having your information used according to the terms of the new policy?

What security measures are in place to protect your personal information?

This includes protecting your information during collection and storage of data. The privacy policy should provide a general description of the security measures used to keep your information safe. This should include any security safeguards that the organization requires business partners and vendors to use.

Find It Fast

Now that you know what to look for, here’s how to find the information you need quickly. Use your browser’s manual search function to jump to key phrases. These keywords are likely to lead you to the information you need: email, marketing, arbitration, waive, waiver, third-party, affiliate, opt-out. Try scanning the policy for any words or phrases in boldface or all caps, since there’s a good chance that the most important information is highlighted this way.

It can be tempting to just skip over the fine print and assume that a company will protect your information, but that assumption could be putting your privacy at risk. Reading a company’s privacy policy may help you discover some privacy settings and choices that you were previously unaware of. You will also find that some companies take your privacy much more seriously than others, which can help you decide who you prefer to do business with.

Greg’s extensive technical expertise spans nearly 2 decades of study and application. As a constant advocate of security and technical excellence he leads his team in staying abreast of technology developments, benefits and potential threats to business continuity and efficiency.