Privacy policy is a statement included on a website that details how the operators of the site will collect, store, protect, and utilize personal data provided by its users.

The information of personal data consists of names, addresses (physical or e-mail), IP addresses, telephone numbers, date of birth, and financial information, such as debit or credit card details.

In addition to outlining how the company will use the information, it also includes how it will meet its legal obligations, and how those sharing their data can seek recourse should the company fail to meet those responsibilities.

Why it is necessary to mention privacy policy in Your Website?

Sites that gather any data about its users, even if it is simply through tracking their location, is required to have a privacy policy.This mainly includes ecommerce sites, sites that track users' behavior through cookies, and even companies that simply send out occasional newsletters.Many websites need site users to indicate that they have read the policy when they first provide their information.

A privacy policy is a legal requirement in almost every country in the world. As of November 2016, over 100 countries had existing data protection laws, with another forty currently in the process of enacting legislation. While the specific requirements vary by country, most have common features, such as how data will be protected. By the nature of the internet means that websites may be accessed and utilized by people anywhere in the world, privacy policies need to meet the major standards, such as those required in Europe and the United States.

EUROPE

In Europe, those countries which form part of the European Economic Area (EEA) are required to meet seven principles.
These principles require that the data collected be limited to only that which is entirely necessary for the purpose of the site; how individuals may access their data; how the information is protected; and the accountability of the data collector.

As of May 2016, the General Data Protection Regulations (GDPR) became law across the EEA, standardizing the regulations across the entire region. Any organization whose website is available in Europe will be required to meet the GDPR, regardless of where in the world it is registered, including Canada and the USA.

UNITED STATES

In the United States, there is no over-riding data protection law, but it does have a number of other laws that cover specific demographics and circumstances. One of the best known is the Children's Online Privacy Act (COPPA).

This regulates websites that are deliberately targeted at children under the age of 13, whether or not they collect data. It also applies to websites that, while they may not be targeted at children, knowingly collect information from users who are under the age of 13.

The other latest regulation that takes effect in January 2020 is the California Consumer Privacy Act (CCPA).Any website that meets these criteria and is accessible within the United States must adhere to these regulations. Usually, where a site does gather information from children, a parent or guardian must provide their consent for this to happen.

THIRD PARTY ADVERTISING

So many non-ecommerce websites, especially blogs, generate income through advertising placed on their site by third parties. The best-known ones are Google's Ad Sense and Amazon Affiliates, although there are many other similar schemes. As these schemes involve the sharing of data, before being allowed to take part in either program, websites are required to have privacy policies published within them.

PAYMENT PROCESSING

Any website that processes payments must have a stringent privacy policy. Not only are these sites collecting data such as names and addresses, but they are also accessing financial information such as credit card or bank account details. A breach of this data could have serious consequences for the people affected. The policy should include the security measures that are in place to protect the data.

The exact content of a privacy policy is dependent upon the function of the site that it relates to, the information that is gathered and how it's used. There are a number of basic elements, however, that any privacy policy should include. These are:

FACEBOOK

We collect the content and other information you provide when you use our services, including when you sign up for an account, create or share, and message or communicate with others. This can include information in or about the content you provide, such as the location of a photo or the date a file was created. We also collect information about how you use our services, such as the types of content you view or engage with or the frequency and duration of your activities.

Facebook clearly outlines what information that the user provides - whether deliberately or not - will be accessed and used. There is no ambiguity about what data will be collected, and where from.