According to a study by TrustArc, 92% of users in the U.S. are concerned about online privacy. Only 31% of users understand how their personal information is shared and 74% have limited their online activity due to privacy concerns.

Gaining and keeping the trust of site visitors and customers plays an important role in your success as a business. You can establish trust with your customers by posting a privacy policy that clearly states how you collect and use their information. Your privacy policy should also incorporate the information required by GDPR.

What is the GDPR?

General Data Protection Regulation (GDPR) went into effect on May 25, 2018, and aims to provide additional protection of personal data for citizens of the European Union (EU). This consumer protection initiative affects business in the EU but worldwide, and you need to take the necessary steps to review how you collect data and gain user consent.

What Makes a Comprehensive Privacy Policy?

Another important step is ensuring your privacy policy is updated and contains clear language about how you collect and use personal data. Your privacy policy should always:

• Be transparent and written in an intelligible manner
• Use clear and concise language
• Be easily accessible
• Clearly state how users can request removal of their personal data
• Explain what data you collect, how it is collected, and how you keep it secure
• Notify users of cookie use

How GDPR Impacts Privacy Policies

GDPR requires that you explain how data is used and how they can request the removal of their personal data. To meet this requirement, you will need to establish a process for deleting personal data and clearly state the procedure in your privacy policy. Items you should include are:

• What information and services their data is used for
• Whether providing data is required to access your site information or create a user account
• If and how data is used for automated screening purposes (loans, credit scores, etc.)
• Name of your data controller and contact information for data removal requests
• Information about international privacy laws
• Your lawful basis for processing data

Long privacy policies filled with legal language can confuse consumers and prevent them from fully understanding how their personal information is used and collected. With policies like GDPR in effect, your privacy policy must be clear and easily understood by a general audience.

Learn more about GDPR privacy policies.

Contact Ecreative Today

Ecreative is a leading digital marketing and web development agency operating out of Minnesota's Twin Cities and serving industrial B2B clients nationwide. Our experts are well-versed in privacy policy guidelines and data collection regulations, and we can help you navigate the complex waters as you craft a comprehensive policy that satisfies all requirements.

Schedule a free consultation today to get started.