In an era where personal information is collected, shared, and sold to third parties for commercial gain or benefit, often without the knowledge or consent of the consumers, people want to know how their personal information will be handled by businesses and to whom and for what purposes such information will be transferred. Transparency in the use and protection of data establishes trust between a business and the public it wishes to engage with.
A privacy policy explains to the public how your business collects personal information and data, how such information will be used and stored, what it is used for and how and with whom such information will be shared and for what purpose.
A privacy policy on your website will allow users of the website to make an informed decision as to whether to use your website or refrain from doing so.
It should be noted that the Protection of Personal Information Act 4 of 2013 (which has been signed into law but has not yet come fully into effect) (“POPI”) should be factored into the formulation of an appropriate privacy policy for your business. In terms of POPI, reasonable practical steps (through for example a privacy policy) must be taken to ensure that data subjects (the persons whose personal information is processed by your business) are aware of who is processing their personal information, why such information is being processed and whether the supply of the information is voluntary or mandatory. POPI further requires responsible parties to inform data subjects of the nature and category of personal information that you collect from them.
A proper privacy policy for your online business should be constructed to be read together with the terms and conditions of use of your website, as well as your access to information manual (required in terms of the Promotion of Access to Information Act 2 of 2000).
As this is a specialist area, we support the recommendation of your developer to engage the support of a data specialist or POPI expert to assist you in developing a tailored privacy policy for your business. This is a far better and appropriate way to establish trust with your consumers than just copying an example from the internet.