The privacy act requires that the business in question be run under those terms spelled in the act. The act is more of like a business constitution. A Privacy Act cover sheet can help provide a summary of the content of the privacy act. You can also see APA Cover Sheet Templates. The idea of displaying a privacy policy was required by law to respect and protect privacy even in spaces as risky as online web pages. As a private company, you have the right to protect your legal documents from the eyes of others. Yet, there’s one legal document that you’re absolutely required to divulge the contents of - the privacy policy. Operationalize your privacy program with automated PIAs and DPIAs to efficiently achieve privacy by design.
The Campus Online Activity Policy states:
'Technology service providers who collect data via website interfaces must adhere to the provisions of the Privacy Statement for UC Berkeley Websites and must post a privacy statement to notify users regarding the types and uses of data that is gathered. Online service providers may further refine the standard campus privacy statement to include additional privacy provisions, but may not reduce the level of their activities' compliance.'
Your privacy statement must accurately reflect your site's data collection and use.
- Your privacy statement should be clear, direct and easy to understand.
- Keep technical jargon and legal terminology to a minimum.
- If you decide to modify how you use personal information, you must inform your users.
- A company’s privacy policy is only as strong as the staff that implements it.
How to write a privacy statement to reflect your site's data collection and use
1) Determine what types of information you collect from visitors to your website. Is the information personally identifiable? For example, does your site collect:
- names
- addresses
- phone numbers
- e-mail addresses
- IP addresses
- access dates and times
2) Why is this information collected? Is the data collection appropriate to the activity or transaction? If not, why do you collect it?
3) By what means is this information collected?
- cookies
- weblogs
- surveys
- web forms
- registration for an event or course
- newsletter sign-up
- to place an order
- credit card # ((Note: Billing and Payment Services approval is required to handle credit card transactions.)
- SSN (As of July 1, 2010, Campus policy requires approval for all electronic processes that collect, use, or store SSNs.)
4) What will this information be used for and who will have access to it? (Campus policy prohibits sharing, re-distributing or selling personal information collected on webservers.)
- Do you have the user's consent to collect and use the information?
- Does the user have the option to prohibit such collection and use?
- Is the site hosted by an outside vendor? What will they do with the information?
- Does the site use any kind of analytics? If so, have you informed the user and provided directions to disable analytic tracking?
- How long will the collected information be stored?
5) How will users be informed if your privacy policies change (including changes to how the information will be used)?
- Via email?
- Will you post a privacy statement modification date?
The Fair Information Practice Principles of transparency and consent require that consent is obtained prior to collection. Additionally, users must be informed if their information is used for any purpose other than for which consent was given.
6) How can visitors with questions about your site's privacy statement contact someone?
- Have you provided a webmaster contact address?
- Have you provided a departmental contact telephone number?
7) How is user information protected?
- Computer safeguards?
- Secured files and physical access controls?
- If the site is not intended to handle confidential information, have you informed users?
- Are there alternate ways for users to provide confidential information, such as via staff phone numbers?
- Is SSL activated?
Customizable Privacy Statement Templates
If your website does not collect analytics or other personal information, this sample Privacy Statement[WORD] can be customized (with revision dates, and contact information) for use on your UC Berkeley website.
If your website collects analytics or other personal information, this sample Privacy Statement [WORD] can be customized for use on your UC Berkeley website.
Some Campus Examples
- Cal Performances: (click on the 'Privacy' tab)
- Graduate Division:
- Career Center:
- Information Security & Policy:
Resources
- US Federal Trade Commission: Getting Noticed: Writing Effective Financial Privacy Notices
- State of California Department of Justice: How to Read a Privacy Statement
Create a free privacy policy online for your website or mobile app to comply with GDPR, CCPA, CalOPPA, Google Analytics, AdSense, ecommerce laws, and more.
Generate Privacy PolicyGoogle Ads
GDPR
AdSense
Privacyielts Document File
Privacy Policy Generator Features
Policies for Multiple Platforms
Get a privacy policy for your blog, ecommerce site, SaaS, online store, iPhone app, Android app, or Facebook app. Do you have an app and a website? Our privacy policy generator can support multiple platforms in a single policy.
CCPA- and GDPR-Compliant
Generate a privacy policy designed to meet the guidelines of laws like the GDPR, CCPA, and CalOPPA, along with provider requirements like Amazon Associates, Google Play, Analytics, Adsense, the App Store, and more!
Privacyielts Document Image
Automatic Attorney Updates
Privacyielts Document Software
Whenever new legislation comes out or current privacy laws are amended, our team of lawyers will automatically update your privacy policy to help you stay compliant with the latest privacy laws and best practices.