What kind of personal information are gathered?
What personal information does the organization get from you? Personal information requested by businesses and government agencies may include your name and home address, home phone number, email address, Social Security number, driver’s license number, financial information such as credit card numbers, bank account numbers, and household income, medical information such as your health insurance plan, diseases or physical conditions, and prescription drugs used, education and employment information.
How is information gathered?
An organization may gather information “automatically” via its Web site in addition to requesting you to enter personal information on a paper or online form. Cookies are one method for doing this. Internet cookies are little text files that a Web site you visit places on your computer. A cookie is data about you that your browser keeps and sends back to a website when you visit it again.
Cookies may be used by websites to monitor your purchases as well as the various pages you visit or advertising you click on. Such data may be used to develop a more thorough profile of you, which can then be sold to marketers.
Why is the data being gathered?
Is the personal information requested relevant to the transaction? Your name, home address, phone number, and credit card information, for example, may be required for making and sending your purchase. Your family income and leisure activities are not. Pay carefully if a company or website requests more information than is required for the transaction. The additional information’s purpose should be clearly explained. Look for a way to opt out of providing the additional information, or to say no. If you can’t complete the purchase without disclosing personal information that you believe is unnecessary, consider going someplace else.
What is the information used for?
Who will have access to the data?
Is the company’s or website’s customer information shared with other businesses? Is information shared with affiliates or firms in the same “corporate family”?
What are your options?
Look for ways to opt out of having your information used for marketing purposes and sharing it with others. It should be simple to opt out, such as by dialing a toll-free number or sending an email.
The better firms and Web sites, according to Consumer Reports’ E-Ratings, do not share personal consumer information with unrelated organizations unless the client consents in advance.
Can you look over or change your personal information?
An organization may allow you to evaluate or seek changes to the personal information it has acquired about you. Look for guidelines on how to achieve this.
What security procedures are in place to safeguard your personal information?
Secure Socket Layers (SSL), the industry standard for securing private information received over the Internet, should be used by websites that seek personal information. The data is encoded, or jumbled, into a code. This implies that your data cannot be read while it is being sent. Look for security indicators on Web sites where you submit personal information. In the address bar, look for “https” rather than the standard “http.” Look for a closed lock symbol in your screen’s bottom right or left corner. These indicators indicate that the connection is safe. You should stay in this safe zone during the checkout procedure.
Good security also entails implementing robust security methods, such as encryption, to secure personal information kept on workplace systems. It involves technology and methods for restricting access to personal information about consumers to those who need it to execute their tasks.
How long will the company follow through on its privacy policies?
A commercial Web site or online service that gathers personal information from California residents must publish a policy effective date and information on how customers will be informed of changes in their privacy policies.
Who is responsible for the platform’s privacy practices?
Someone in the organization should be in charge of the organization’s privacy policies and procedures. Is there someone you can contact if you have questions or issues about the policy? Is there a simple method to contact the appropriate person—email or a toll-free phone number?