Your Website Privacy Policy and You

Steven T. Tatem, CISSP |

July 3, 2013

Website Privacy Policy

If you operate an e-commerce website or have being looking to start one, you should already be aware of some of the requirements needed to properly secure your customers’ information. You want to be using technologies like SSL certificates to protect data passed to you from your customers and data encryption to lock up the data on your server after the sale is complete. Each day customers are becoming more aware of safe computing practices, like looking for HTTPS at the beginning of the address bar. The use of an Extended Validation (EV) SSL certificate will add some extra color in the browser to reassure your customers that they have a safe channel through which to pass their information.

The policy statements that you place on your website are another important area that you need to be sure to address. All of us have seen privacy links on websites before, but not everyone will take the time to read through the complete policy for each website they visit. We all know that policy pages are usually pretty dry and boring to read through for a customer, but their presence is critical.

The privacy policy you place on your website should clearly explain how personally identifiable information (PII) will be collected, stored, used, discarded, and with whom it will be shared, or not shared with. Customers are more aware of how their information is used when they visit websites and will expect to see a privacy policy on a website as a sign of legitimacy. As a merchant, you should know that Visa and MasterCard require all e-commerce sites to have a privacy policy.

Something else to consider is the privacy policy of partner websites with whom you may be linked. When providing links to third party websites, be sure to read through their policy statements and understand how they may use the data from customers you send to them. If you feel the policy of a partner is not in the best interest of your customer, then you may want to consider removing the link from your own site. A customer may feel a sense of mistrust if your website links them to another website that is known for mishandling customer data.

A merchant who works with the sales team at Merchant Warehouse will be educated on the requirements we need to have met before that merchant will be approved for processing. All merchants who operate an online store are required to have a policy statement that covers privacy, shipping, refunds, and returns.

Merchants are getting more knowledgeable on the proper use of technology to protect the data they acquire from their customers. Customers are becoming more educated and vigilant regarding the use of their personal information. By crafting a clear privacy policy, you will make your business look more professional and help your customers feel assured that their data, and their trust, will both be handled with care.