Ecommerce store owners need to both limit their risk as well as manage the expectations of their customers to avoid any misunderstandings.
- What kind of information is collected from the visitor/customer and why it is required e.g. an email address is required for communication.
- How the visitor’s/customer’s information is collected and securely stored.
- Explain if data may be left on a user’s computer, such as cookies (which is often used to track the viewing habits of visitors, make it easier for returning customers to login and remembers what products were added to the shopping cart. If you offer the option of avoiding cookies, inform them of the website features that will not be available to them as a result.
- What you will do with the information collected and in what circumstances will it be released.
- How, if any, of the collected information is shared or even sold. If shared, it should include an opt-out option for those customers who don’t want their information disclosed to third parties.
- How customers can review the information a website has collected from them and how they are able to change or delete that information
- For what period of time is the information held for and who has access to the collected data.
- The policy’s effective date and a description of any changes since then