- What personal information the business collects from individuals online;
- How the personal information is collected;
- How the business uses the personal information;
- How and to whom the business discloses the personal information;
- How the business manages and stores the personal information that it collects; and
- How the individuals can correct the personal information.
There is no one law that governs privacy policies or that prescribes what to include. Federal laws impose specific requirements for businesses in the health care and financial services industries and for businesses that collect personal information about children. A few states also have laws requiring privacy polices if a business collects personal information from residents in those states. If a business is targeting residents of the European Union (EU), then the requirements of the EU’s General Data Protection Regulation (GDPR) also apply. Certain popular Internet tools, such as Google Analytics and Facebook Lead Ads, also require privacy policies.
Click here for a shareable PDF of this article.