Think of your privacy policy as a disclosure statement for your website visitors. In order not to be misleading or deceptive, you need to disclose each specific practice or policy regarding the collection, use and dissemination or disclosure of all personal information. So, you need to know how and what information your website will collect.

In the most basic sense, you need to understand exactly how your business collects data, how it uses that information and how it shares or distributes it so your privacy policy can be accurate and not misleading. If you don’t understand how your business discloses or uses information, you obviously won’t inform your website visitors. This, in turn, could be considered deceptive. Unfortunately, most websites copy privacy policies they find on other sites. Copying another privacy policy may describe the practices of some other website, but may not describe your policies. This may be deceptive in of itself since it misleads your visitors.

Website operators should always post a privacy and/or communications policy on their website if the website gathers any type of personal contact or identifying information from website visitors and/or customers. This applies to websites that collect only email addresses. Personal information generally includes contact information such as a visitor’s physical address, phone number or email address and identifying information such as first and last names, social security number, etc. If your website conducts sales of goods, you will almost undoubtedly be collecting this type of information.