Best Practices: Online Privacy Policies
1. Be Factual
Avoid exaggerating the nature and extent of privacy you provide. Ensure that anything you say in the policy can be verified or is a true reflection of your organisation’s data handling practices. Outline in clear detail the following matters:-
2. Make it clear and simple
3. Obtain User Consent
5. Demonstrate Accountability
6. Follow Data Minimisation Approach
Collect only the amount of personal data that is relevant for the purposes that you have identified in your policy. In the context of your online business/website/app, ask yourself what is the absolute minimum information you require and how do you intend to use it? For example, if it is a blog, you may need only email addresses so you can alert your followers of new posts or you can send them newsletters on the latest topics or trends. Telephone numbers and IDs may not be necessary. On the other hand, if you are selling products through your app or website, you may need a host of information for purposes of the contract. This may include full names, email, phone numbers, credit/debit card information etc. But even here, be careful to seek only what you require. The bottom line, be clear on why you need the information you are collecting. Avoid collecting data on the off-chance that it may be useful in the future.
Disclaimer! Venturelawkenya contains only general information about legal matters. It is not legal advice and should not be treated as such. You must not rely on the information on this website as an alternative to legal advice from your lawyer/advocate or other professional legal services provider. If you have specific questions about any legal matter you should consult with your advocate or any other suitable professional legal service provider.