Situation: An early stage software-as-a-service (SAAS) company notes that a number of companies have privacy statements on their web sites. Is this something that is common, and should they consider their own privacy statement on their site?
Advice from the CEOs:
- If your services include the collection of users’ personally identifiable information many users will want to know that the information that they put on the site is secure. Get legal advice on the handling and storage of personally identifiable information. You may want to qualify for TRUSTe or a similar service.
- Others will be competing in your space, or close to it. Look at these companies’ sites for what type of privacy statement they use.
- Research how important this is to your target audience. Get assistance from someone who is good at drafting surveys. Hire a summer intern or local college student to conduct the survey. This is a quick way to answer your question.
- Determine your business policy regarding privacy. If policy considerations dictate that you should have a statement, then find a model statement that you like and use this. Model a statement after one that appeals to you from another company. Make sure that you cover anything that you feel is important, and retain any prerogatives that you feel are important.
- Create a link to a separate page that contains a model privacy statement. Count the number of clicks that it receives. You may find that nobody clicks on this.