By Melissa Zabkowicz
Facebook recently divulged that the personal data of up to 87 million users may have been improperly shared with a third party.
The scandal publicized Facebook’s collection of very personal user data. Users around the world were shocked by the revelation and have rallied against the company and its executives. Recently, Facebook CEO Mark Zuckerberg was questioned and criticized in a congressional hearing about the company’s policies regarding user data. This recent attention to Facebook’s policies has consumers asking how companies use their data. It may also leave companies wondering whether to review and revise internal policies regarding customer data.
Although few companies collect the breadth of personal data held by Facebook, almost every company collects some personal data from customers.
In light of the recent privacy scandal at Facebook, consumers have become increasingly aware of the scope of companies’ collection and use of their personal data. Most users know that some of their data will be collected – so transparency and honesty are critical.
Companies should consider doing these six things with their privacy policies:
Explain how data will be used
Policies should explain to customers how their data will be used by the company. For example, companies should inform customers if they are using data for processing payment transactions, sending marketing communications, or personalizing customers’ experience. Policies should also state whether customers’ data are being provided to third parties.
Make data accessible
Allow choices regarding data collection and use
A policy should provide customers options concerning how data are collected and used. For example, companies should give customers an avenue with which to delete or modify any personal data from their systems. Companies may also inform customers when they will respond to a delete or edit request. If they are unable to respond within the stated time, they should provide customers with an explanation. Many companies also remind customers that they may un-enroll from receiving e–mail advertisements by following a link at the bottom of those same e–mails.
Communicate security standards
Offer a means of redress
Lastly, companies should provide customers with the contact information of a company representative who can help with any inquiries they might have, as well as concerns that privacy policies are not sufficient or are not being followed. This is a big step in gaining customers’ trust.
Most companies have social-media pages, and use those pages as a way to interact with customers. In fact, companies might get more traffic through social media than their own websites.
Accordingly, it is imperative that companies’ privacy policies include a statement regarding social-media privacy.
Pitfalls of misleading privacy policies