Donate
‹ Back
Privacy 16 April 2019

Best Practices: Privacy

Basic Notice/Disclosure

  • Make sure the privacy statement has a link and is easily discoverable from the home page.
  • Place the revision date of the statement at the top of the page.
  • Provide access to archived versions of the statement, allowing users to see what has changed.
  • Use a simple layered and/or short notice designed to help consumers understand the statement.
  • Use icons to help consumers navigate privacy statements in conjunction with layered/short notices.
  • Write statements for the site’s target audience and demographics. Consider providing multi-lingual versions supporting non-English-speaking site visitors.

Key Compliance Policies

  • Compliance with Children’s Online Privacy Protection Act (COPPA) or related regulations.
  • Disclose whether the site honors Do Not Track (DNT) browser settings and preferably honor users’ DNT browser settings.
  • Provide a summary of the data retention policy, including a specific timeframe and for what reason data is retained.

Protect Privacy and Define Protected Sharing

  • Do not share personal data with any third party except to deliver service to the user. Provide a clear statement including details regarding if, what and for what purposes data is shared.
  • Require vendor compliance by contract and notify consumers that service providers are prohibited from the use or sharing of their data for any purpose other than providing services on behalf of the site.
  • Provide disclosure of cross-device tracking.
  • Utilize tag management systems or privacy solutions to manage third-party trackers.
  • Disclose whether data will be shared to meet legal obligations and make best efforts to notify consumers if their data is requested by third parties due to legal requirements.

‹ Back

Related articles

2019 Online Trust Audit Methodology 
Privacy24 September 2019

2019 Online Trust Audit Methodology 

The 2019 Online Trust Audit will represent the 11th independent analysis and benchmark report of the adoption of security standards and responsible privacy...

2015 Online Trust Audit and Honor Roll
Building Trust1 October 2017

2015 Online Trust Audit and Honor Roll

The 2015 Online Trust Audit includes a composite analysis focusing on three major categories; a company’s data protection, security and...

2017 Online Trust Audit and Honor Roll
Building Trust20 June 2017

2017 Online Trust Audit and Honor Roll

The 2017 Online Trust Audit is the 9th year OTA will be conducting an independent analysis and benchmark report of...

Join the conversation with Internet Society members around the world