Some federal and state/provincial laws apply to privacy policies for websites that collect and share consumer data, including data collected passively using cookies. There are also limits on how a business can collect sensitive data, such as personal information from children under 13, protected health information, or information collected to provide certain financial products or services (e.g., loans, investment advice, insurance) to consumers.
Even if you’re not processing sales transactions on your site, you may be collecting your visitors’ personal data to generate leads, make appointments, manage newsletter subscriptions, or to share with advertisers. You’re probably using web analytics to gather data to optimize your website’s performance.
Along with information on how to collect, safeguard, store and dispose of customer data, BBB also advises on how to create a culture of privacy in your company, instilling and promoting privacy as a core value. “Safeguard privacy” is one of BBB’s eight “Standards for Trust.” BBB Accredited businesses must pledge to adhere to the “Standards for Trust,” but all businesses can use them to define a corporate culture that advances trust in the marketplace.
The new “Data Privacy Planning” guideline also helps businesses plan for growth, and addresses special circumstances when bricks-and-mortar businesses go online, when domestic businesses become international, or when any business makes the leap to mobile.