website_data_privacyOnly ten years ago, when the Internet was still fairly young and just recuperating from a horrid dot-com bubble, websites and their owners, subsequently, could only know so little about their users/customers. Things like where a visitor comes from (IP address of request) and how many visitors access the website represent the most basic information a webmaster can have about his website analytics. This has changed a lot over the years and now websites collect a myriad of data about their users, from the OS they use, the kind of computer of mobile the request is being made from, loads of valuable information. Some websites like google or facebook use cookies to find out what other websites a user visits. Google actually, owning Chrome – maybe the most used browser at the moment – can easily monitor what websites you visit, where you shop online and other online activities without the user needing to have an actual Google account.

Now, in Google’s defense this would be a grave privacy violation and they clearly state they do not register this kind of data. I’m just they can, not that they’re actually performing this. The truth may be somewhere in the middle. If you’re an online business owner, even a small website owner, you might be tempted to collect all kinds of data about your visitors. Even if you’re of the best intentions (to build a better website tailored on your visitor’s needs), know that you need to trend very lightly. Besides certain policies and regulations that clearly state what data can be processed and what can not, which when broken might land you a fat lawsuit, webmasters need to be attentive on how they protect their visitors’ online data. Once in your hands, you are responsible for the safety of this data (i.e. not fall to a third party).

Here are a few basic, yet imperative, steps any webmaster – be it a small online business owner or a full-fledged corporation – needs to take to protect their users online data.

1. Audit your data collection needs

Have a discussion within your organisation about data collection objectives. Your company needs to firmly understand and choose which exact aspects you want to track from visitors. Businesses sometimes collect more data than they realize because they’ve used third-party software code that does so automatically or because a partner, such as an advertising network or analytics company, is pulling data. A lot of people in charge of privacy regulations of websites give little interest and attention to this fact, but someday this might backfire. If you don’t know exactly and I mean EXACTLY what data you’re analytics is pulling in, then you’re vulnerable. And I’m not referring to hackers here, that’s a different picture.

2. Collect only what you need

On par with the previous step, your organization needs to collect only the data that it needs. Sure, you can collect everything and decide latter on what data you choose to use for your marketing efforts for instance, function of your present needs. But doing so increases risk. Data can be lost or stolen by hackers, and customers can mutiny if they feel you’re asking unnecessarily intrusive questions. Keep it minimal.

3. Secure your data

This is a no-brainer. Once you’ve collected customer/user information it’s imperative you secure this information. I’m not going to dwell into the details since this is a subject that could fill entire books, and has. Be sure your security analyst is responsible, capable and in charge of the situation.

4. Be transparent about the data you collect. Write a good privacy policy

Most people skip right through any privacy or terms of service agreements and go on with their business. That’s not to say that you should put your best interest into crafting a valuable privacy policy. All websites are mandated by U.S. law at least to post a privacy policy, practically and legally acting as a binding agreement between you and your customers. Be transparent about all the aspects and features you collect from your users and how you intend on using these. Describe these practices fully and accurately. This task may be daunting, especially if you’re a small website and consider thoroughly doing this impracticable. It’s THAT important, though, and shouldn’t be left out.

Find out if your website is using a valid privacy policy and other, using webinformationservice.net.

5. Communicate with your users

Although people rarely read privacy policies they expect to be presented with brief explanations on how their data will be used. For instance, on an e-commerce website, a user might not read through the terms of agreement and privacy policy when registering, but he will definitely want to be informed how his e-mail or credit card will be used at checkout. Otherwise, the customer might leave and you will lose a valuable customer.

Also, whenever your product or website makes changes, make sure your users and customers are being kept informed about these changes. Give customers an online form or e-mail address for communicating their privacy problems or concerns. And be sure to respond to their messages. Such two-way communication can help build trust and loyalty – and help avoid potential privacy crises.

Enjoyed this article? Join 40,000+ subscribers to the ZME Science newsletter. Subscribe now!

Like us on Facebook