Minimize your company’s data collection
You should limit the amount of personal data that you collect from your website’s visitors in order to provide services or products, or to allow them to interact on your website. The less information you collect from your users, and the more transparent you are about your processes of collecting information, and why you need it, the more your site’s users will trust your organization.
When collecting consumer data, take extra steps to let them how the information is to be used
It is crucial that you communicate your data collection policies to your users. Most companies do this by giving consumers a link to an online privacy statement on the website homepage or on other pages which ask for personal data. These added steps build trust in your site, which helps lead to a strong and loyal customer base.
Retain data for short time periods
Keep your user’s data for the shortest time necessary for your business purpose, or as it is required by law. Be aware of your specific data retention laws as based on your location and business model. There are differing laws, so be aware of the regulatory requirements as they pertain to you.
Anytime your organization shares user’s personal information, be sure that you comply with SB27, the CA “Shine the Light” Law SB27 was designed for companies that do business with CA consumers, and requires those that share information with third parties for marketing uses to give customers a designated point of contract so that they can request the information-sharing disclosure notice.
Companies which use technologies like log files, cookies and web beacons should tell consumers about it in their privacy statement
Tracking users’ movements within your site can give you valuable marketing insights. You must let your users know what you are tracking and how you are using their information; this must be done in compliance with the Fair Information Practices guidelines.