A Privacy Policy is a legal statement that tells the users how the owner of the website collects, stores and manages customer’s personal data that they provide to the website while using that website for its products or services. All web servers collect basic information about its visitors. This information is usually tracked for standard regulation and maintenance purposes.
Privacy Policy is an important source of information on a website because it enables the customer to understand how the data provided by him/her on the website will be treated.



Generally, the customer wants to know how their personal information is stored and protected by the website operator. Website privacy Policy gives a detailed description regarding the usage of customer’s personal information. It also lays down all the privacy and security rights that are available to the customers. In simple terms, companies recognize the importance of privacy of individuals and describe how the information is going to be treated by them.
Need for creating a Privacy policy

The reason why it has become a legal requirement to maintain a privacy policy these days is because it helps to retain the user’s confidence in the website. Users need to know how their personal information is stored and used by the website. So this process of data collection, storage and dissemination will help to build trust in the users about the company’s website. However, it is the responsibility of the owner of the website to give users an option to either opt-in or opt-out from the process of data collection by the website.

Personal information
The personal information includes name, age, gender, email address etc. For instance, these personal details are asked every time a customer makes a new account. There is also a wide usage of cookies which enable the websites to save the basic information about its users in its database in order to filter the customers’ needs and preferences. This gives a better experience to the customer next time he logs in that website as it provides services according to his/her requirements which were stored in its database with the help of cookies. So it becomes the responsibility of the owner of the website to make it clear and understandable for the customer as to how the information is going to be used by the website at the time when the customer fills his/her personal details on the website.

Manner of usage of personal information
There are some factors to be considered for using the personal information of the customers such as transparency, legitimate purpose and proportionality.

Transparency states that personal information is to be processed only when the user has given his/her consent for website’s use or the personal information is compulsory to enter in order to make a contract binding or fulfill some legal requirement etc. Secondly the personal information provided by the user on a website can only be legitimately used for the action for which the user has given his/her consent and not in any other way for which the user has not given his/her consent. And thirdly the personal information that is collected needs to be accurate and must be kept up to date. The collected information is to be used in that manner only which is filled by the customer and not excessively.

Requirements of a privacy policy as per Reasonable Security Practices Rules 2011 falling under IT Act 2000
The Ministry of Information and Technology has made it mandatory to disclose the criteria of collecting sensitive personal information and also prescribed the reasonable security practices to be followed in relation to the information that the owner of a website holds. There are a number of factors that are to be considered before framing a privacy policy some of which are laid down in the following points:Website Privacy

Access by users: The Company having a website privacy policy must develop a central answering point where the users have an access to clear their queries in case the information is wrongly filled or information is to be erased altogether. It should also give an opportunity to the customers to review all their personal information maintained by the website.

Easy exit: The website should also give a choice to the customers to exit from the website’s database where personal information is stored for marketing purpose.

Complete Information: It is the responsibility of the company that all the information about the privacy and security issues associated with its products and services is publicly made available.

Security: There needs to be a declaration that all the information that is collected by the company on its website is collected through its appropriate physical and technical safeguards and not collected by any unauthorized person.

Disadvantage of not having a privacy policy.
The major disadvantage of not having a privacy policy is that the companies that don’t have a privacy policy are not competitive and legally compliant as compared to others as users in the present time of technological advancement, want to be assured of their privacy and security.

So, a privacy policy must be made in a manner that it defines the general scope of a website. At the same time, it must be understandable and accurate since it is the most important document in a website. It becomes important that the company makes its website most trustworthy as compared to its competitors in order to make the users believe that their personal data will remain in safe hands for all future purposes.

The next time you require a website privacy policy, CLICK HERE


Legal Consultant

Leave a Reply

Your email address will not be published. Required fields are marked *