Look over your privacy statement, and make sure that it isn’t too difficult to read or understand. To gain customer trust, you should present your statement clearly and in language that everybody can understand.
Your Privacy Statement shouldn’t vary from your Terms of Service statement. Your statements shouldn’t contradict each other, if needed cross reference your terms of service statement when writing your privacy statement, to avoid conflicting information.
During the creation of your privacy program, you should build your internal documents with your privacy statement at mind. Whatever your privacy statement entails, your actual program should to, there is no reason for the two to conflict one another. Making sure that your policies and program do what your statement says they will is of paramount importance to gaining customer trust, and provide another safeguard toward privacy risk.
Keep the information on your privacy statement current to coincide with the actual current practices of handling and protecting data. All parties of your company should be included when do a thorough examination of your privacy practices, if someone in your company deals with the data, they should be included in any discussions involving changes to your program. Doing at least an annual review is definitely a positive thing, even if you believe your practices are the same.
When writing your privacy statement leave out any language that seems questionable. Stay away from may, maybe, etc., only use terminology that reflects facts and nothing that is not. Your practices should be consistent with the Fair Information Practice of Notice.
Include an effective date on your privacy statement when it’s written. The statement doesn’t need to be complex. In fact, it can be as simple as “Effective as of Jan. 1, 2013”.