GDPR has been getting the spotlight and it might very well affect you. It’s why you’ve been getting so many emails lately about websites changing and updating their privacy policies, and it’s why you should be doing the exact same thing.
- First and foremost, be honest. Tell users what you’re gathering data for, where you’re sending it, and why.
- Be specific. If you’re sending their data somewhere, anywhere, you need to have it in your policy. You need to specify exactly what data you’re handling and which data is going where.
- Be transparent. Don’t try to hide anything because, frankly, it’s a bad idea. If you’re distributing user information to a third party then you need to say that.
- Be purposeful. Don’t just collect all the data you can because “why not?”. Collect only the data you need, specify that in the contract, tell users where it’s going and that’s that.