Skip to main content

We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Cookie Preferences

Many websites use cookies or similar tools to store information on your browser or device. We use cookies on BBB websites to remember your preferences, improve website performance and enhance user experience, and to recommend content we believe will be most relevant to you. Most cookies collect anonymous information such as how users arrive at and use the website. Some cookies are necessary to allow the website to function properly, but you may choose to not allow other types of cookies below.

Necessary Cookies

What are necessary cookies?
These cookies are necessary for the site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you that amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not work. These cookies do not store any personally identifiable information.

Necessary cookies must always be enabled.

Functional Cookies

What are functional cookies?
These cookies enable the site to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.

Performance Cookies

What are performance cookies?
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Marketing Cookies

What are marketing cookies?
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant content on other sites. They do not store personal information directly, but are based on uniquely identifying your browser or device. If you do not allow these cookies, you will experience less targeted advertising.
Better Business Bureau®
Resources for Businesses
Better Business Bureau
          Latest News

          BBB Business Tip: Writing an effective privacy policy for your business's website

          By Better Business Bureau. January 24, 2023.
          credit card computer banking privacy policy

          Your customers have a right to know how you handle their personal data. Whether you are processing credit card payments, saving their shipping or contact information, or simply signing them up for a newsletter, customers should know what data your business collects and how it is used. A good privacy policy does just this.

          Are privacy policies required by law? 

          It depends. In general, the Federal Trade Commission recommends privacy policies for most websites that collect and share consumer data. But laws differ from place to place and may depend on what data you collect.

          In the United States, federal laws require privacy policies for businesses collecting sensitive data, such as personal information from children under 13, protected health information, or information collected to provide certain financial products or services (e.g., loans, investment advice, insurance) to consumers. But some states have their own requirements for privacy policies. Canada also has regulations about privacy online.

          Tips for writing an effective privacy policy

          Even if you’re not processing sales on your site, you may be collecting your visitors’ personal data to generate leads, make appointments, manage newsletter subscriptions, or to share with advertisers. And those actions are supported by a privacy policy. As you begin to implement one for your business, be sure to do the following:

          • Keep it visible. Don’t make your privacy policy hard to find. Consider including a prominent link in the header or footer of every page so visitors can check out your policy before interacting with your site. At a minimum, your privacy policy should be linked to your homepage and any other pages where data is collected.

          • Keep it simple. The policy is a legal document, but consumers don’t want to read technical jargon or legalese. Your privacy policy should be clear, concise, and written in plain language so that your customers can readily understand how you handle their information.

          • Keep it real. Say what you do and do what you say. Your policy is a pledge to your customers about how your business will handle and protect their personal data. It should accurately reflect data practices unique to your business. You can check out policies of similar businesses for inspiration, but don’t cut and paste another company’s policy – one size does not fit all!

          • Keep it current. Make sure your policy is updated if you change your business and privacy practices. Communicate any substantial changes in data use or sharing to customers before they take effect.

          Issues to address in your policy

          You are legally responsible for abiding by the privacy promises you make in your policy. If you have questions about your obligations, seek legal guidance before finalizing the policy to ensure it complies with federal and state laws that may apply to your business.

          • What data is collected. Identify the types of data your site collects. In addition to names, home addresses, email addresses, phone numbers, credit card information, and IP addresses, you may be collecting information about your customers’ interests and purchase histories or demographic information such as their gender, age, income, or marital status. Your analytics provider, your advertisers, your third-party shopping cart, or your payment processor may all be collecting information on various parts of the site. These activities should be identified, and consumers should be directed to any third-party privacy policies that may apply.

          • How data is being collected. Online forms used to enter email details for newsletters and credit card data for purchases may be obvious to the consumer. Data collection using cookies and other trackers placed on the visitor’s computer browser may go unnoticed. You should clearly explain your cookie practices to customers.

          • What you are doing with the data. Tell your customers how you use their data and how, where, and how long you will store it. If you share customer data with affiliates or service providers, sell data you collect to business partners or allow marketers or others to collect data on your site, be sure to explain what information is being shared or sold and how it may be used.

          • How customers can control their data. Provide a point of contact at your business – an email address or phone number - to help customers change passwords, unsubscribe from mailing lists, close accounts, or complain if there’s a problem. If marketers use your site to collect browsing data for interest-based advertising, you should also provide customers with opt-out information for this activity.
             
          • How you protect the data. You should be protecting customer data with strong data integrity and security measures. You can reference these measures in your published policy to provide assurance to your customers. But avoid going into detail -- publicly revealing too much about your security practices could put your systems at risk. 


          For more information

          To learn more about making sure your business complies with privacy laws, including GDPR and COPPA, follow these tips.

          Check out the National Cyber Security Alliance’s tips for businesses. You can also find more data security tips from BBB at your cybersecurity HQ.

          Still Need Assistance?

          Contact Your Local BBB

          Your local Better Business Bureau can assist you with finding businesses you can trust. Start With Trust®.

          General Inquiries:
          6336-684 (416)

          Additional Resources

          Additional Topics