Here Is How To Make Sense Of A Privacy Policy

A company’s privacy policy shows what it uses your information for and how it collects them. Because these policies can run into over two thousand words, however, it can become difficult knowing what exactly you are giving consent for. Here are key pointers to help you understand a company’s data protection policy.

Collect and Gather

Every website you visit and every app you download collects information about you. The cookie banner that pops up when you visit a website is a reminder of this. To find out what a company collects from you, look out for words like “gather” and “collect”. In some privacy policies, looking for “control” in the text could tell you what power you have over your data and how you can change your privacy settings.

Sometimes, you voluntarily enter your information in online forms to access products or services. For instance, it’s not possible to purchase an air ticket without entering your credit card details and other personally identifiable information. The ability of the service provider to serve you is premised on what you offer by way of personal details. In this regards, it is alright to always give out what is required. If the information isn’t required (or the field doesn’t come with an asterisk), you do not have to answer the corresponding query. Knowing what you need from the company puts you in control of what you give out. It allows you to benefit from the service while still putting your data protection needs first.

How We Use

Companies collect user information in order to curate products and services to suit each individual on their list. It’s how come you receive information about travel and airfare discounts just after one session on Kayak. Facebook, for example, sells access to user attention to companies to advertise their products to specific demographics. By taking into consideration the fact that you follow a tech solutions page, they know you will appreciate content on the latest innovations in that field. That way, Facebook makes money enough to keep its servers running for you to be able to connect with friends and businesses for free.

But this should not be done without your consent. It’s important that you know what a website is using your information for at any point in time. If you read a company’s privacy terms and you are not comfortable with what they do with your information, look up your options. Some websites give you the chance to opt-out of certain offers. Facebook and Twitter give you the chance to flag problematic ads in your news feed.

In some situations, it is impossible for the service provider to offer you relevant services without some form of information about you. Some gaming websites might demand to know if you are an adult before accessing their mature content. Others will collect information about your location to offer you subscription packages. Netflix and other streaming sites take this into consideration to curate content for their audience. In these situations, data collection is as much a compliance issue as data protection is.

Whatever the situation, a company website should have a designated email account that receives privacy reports from its users. Shoot them a complaint and hear their response. To find out more about how this works, look out for comments like “how we use” or “conditions of use.”

Where It Is Stored

Even after giving consent to a company to collect your information, where that information is stored will determine what data protection rules that information is subjected to. Some countries offer more data protection to users than others, and businesses normally employ servers around the world to make it easier to offer you their service.

Look out for “data transfers”, “sharing your information”, etc. to understand how this plays out for you. PrivacyCheck helps highlight these words for ease of analysis. Wherever your data is stored, privacy policies should state who else has access to your information besides the company. Do law enforcement agencies have access to it without a warrant? How many other sister companies will be able to use your information, and for what purposes? Do they encrypt your data as it is transferred?

Before you give them consent by entering data on any website, make sure that the business has taken steps to protect your information. An SSL certificate is the first step a company takes to ensure hackers can’t read the information you enter.

It is alright to feel worried about how your information is used; a dose of paranoia is healthy to stay safe in all walks of life. Note that many businesses genuinely try to find the smoothest processes to offer you their service. And where rules exist, it is necessary to reach out to these firms to seek clarification on how their data protection efforts affect or impede you. It’s also important to practice some restraint with how you store and share your information with others. Passwords and login credentials should be secure at all times. Understand when and how you use or share your location via an app’s location settings.

Policies like the EU General Data Protection Regulation (GDPR) are meant to protect you and your data. They ensure you have power over your data and also inform businesses on what to consider in drafting a privacy policy. Check your own government’s regulations to report any business that breaches its own privacy policy.

Be safe!