You'll need to include an easy-to-find privacy policy. The privacy policy must state how your organization collects, uses, and shares personal information.
To ensure that your privacy policy is thorough and compliant with regulations, it should cover the following key points:
- Introduction: Give an overview of your company and the purpose of the privacy policy.
- Types of Information Collected: Specify the types of personal information collected from customers (e.g. name, email address).
- Method of Information Collection: Describe how customer data is collected.
- Purpose of Data Collection: Explain why customer information is collected and how it will be utilized.
- Data Security Measures: Detail the security measures implemented to safeguard customer data from unauthorized access or misuse.
- Data Sharing: Disclose whether customer data will be shared with third parties, and under what circumstances. It is important to state that SMS consent or phone numbers collected for SMS purposes will not be shared under any circumstances for marketing purposes.
- User Rights: Inform customers of their rights regarding their personal information, such as accessing, updating, or deleting their data.
