The importance of a privacy policy for your business

“I’ve been working with developers to take my business online. They have advised me to make sure I have a proper privacy policy drawn up for my website. Is this really necessary or can I just use a standard one from the internet?”

In an era where personal information is collected, shared, and sold to third parties for commercial gain or benefit, often without the knowledge or consent of the consumers, people want to know how their personal information will be handled by businesses and to whom and for what purposes such information will be transferred. Transparency in the use and protection of data establishes trust between a business and the public it wishes to engage with.

A privacy policy explains to the public how your business collects personal information and data, how such information will be used and stored, what it is used for and how and with whom such information will be shared and for what purpose. 

A privacy policy on your website will allow users of the website to make an informed decision as to whether to use your website or refrain from doing so. 

It should be noted that the Protection of Personal Information Act 4 of 2013 (which has been signed into law but has not yet come fully into effect) (“POPI”) should be factored into the formulation of an appropriate privacy policy for your business. In terms of POPI, reasonable practical steps (through for example a privacy policy) must be taken to ensure that data subjects (the persons whose personal information is processed by your business) are aware of who is processing their personal information, why such information is being processed and whether the supply of the information is voluntary or mandatory. POPI further requires responsible parties to inform data subjects of the nature and category of personal information that you collect from them. 

A proper privacy policy for your online business should be constructed to be read together with the terms and conditions of use of your website, as well as your access to information manual (required in terms of the Promotion of Access to Information Act 2 of 2000). 

As this is a specialist area, we support the recommendation of your developer to engage the support of a data specialist or POPI expert to assist you in developing a tailored privacy policy for your business. This is a far better and appropriate way to establish trust with your consumers than just copying an example from the internet.

May 15, 2018
International: Privacy by Design – prioritizing security in business

International: Privacy by Design – prioritizing security in business

In today’s current digital space, safeguarding privacy and ensuring that your business is compliant with the various cyber laws and data privacy regulations is crucial to ensure that business operations are well protected. In this article, PR de Wet and Mishka Cassim, from VDT Attorneys Inc., seek to address some of the most important issues companies face and need to consider on a global scale when addressing privacy concerns.

South Africa: POPIA and prior authorisation to process personal information

South Africa: POPIA and prior authorisation to process personal information

The Protection of Personal Information Act, 2013 (Act 4 of 2013) (‘POPIA’) requires a responsible party to apply for and obtain authorisation prior to processing certain identified categories of personal information. With POPIA compliance deadlines fast approaching PR de Wet and Hayley Levey, from VDT Attorneys Inc, analyse the POPIA prior authorisation regime.

Sign up to our newsletter

Pin It on Pinterest