Print Print

Online Privacy Policy

October 14, 2008 – 9:24 pm by John Giles

If you collect personal information about your customers (or any identifiable individual) through your web site you need to have an online privacy policy.  An online privacy policy should appear on all web sites that collect personal information about visitors to the web site.

john-giles-for-michalsons-014What are the benefits of having a privacy policy?

  1. It may reduce the risk of your company being sued for infringing a customer’s right to privacy.
  2. The policy should also ensure that you comply with the law and therefore avoid sanctions for non-compliance.
  3. Hopefully bad publicity which can have serious economic consequences can be avoided.
  4. A privacy policy should demonstrate good practice and therefore help to attract new customers or to keep existing customers.
  5. A well drafted privacy policy should also enable you to deal with the personal information of customers in a manner which is beneficial to you.
  6. The personal information relating to your customers is a valuable business asset which should be protected and possibly even developed.

The purpose of a privacy policy is to regulate the processing of personal information.

The content of a privacy policy is therefore dictated not only by legal considerations but also business considerations.  There are already various laws and regulations in South Africa relating to privacy and more is expected soon.  The failure to have an online privacy policy could result in:

  • your business failing to grow, and
  • legal problems, difficulties or disputes.

A South African Online Privacy Policy for Your Use

We have developed a template of an online privacy policy specifically for South Africa.  Comments for the customisation and implementation of the online privacy policy are included as footnotes.   The privacy policy is designed to satisfy your requirements regards the personal information of others and their privacy.  Please contact us for further information or if you require a template online privacy policy.

Do you collect personal information?

Personal information can be collected by various means and you should carefully analyse the functioning of your business or web site to establish if and to what extent you gather personal information. You might even collect personal information without knowing it!  Ways in which personal information is collected include:

  • visitors subscribing to a newsletter,
  • a user registering on a blog or forum,
  • users submitting their details via a form,
  • in the process of contracting online,
  • taking orders,
  • through the personalisation of a web site by a user,
  • through the use of cookies,
  • monitoring user access and habits,
  • sending or receiving e-mails,
  • SMS’s or other similar messages.

Data Privacy in South Africa

Under South African law, an individual’s right to privacy is enshrined in the Constitution of the Republic of South Africa (”the Constitution”). The Constitution provides that everyone has the right to privacy. However, section 36 limits certain privacy rights where “reasonable and justifiable”. No specific standalone legislation dealing with privacy currently exists in South Africa. Specific legislation dealing with privacy and data protection is expected in the future.

The Promotion of Access to Information Act (Proatia) is to an extent relevant to privacy and online privacy policies. The essence of Proatia is that private bodies are required to allow access to their records under certain circumstances. Proatia mandates that:

the head of a private body must refuse a request for access to a record of the body if its disclosure would involve the unreasonable disclosure of personal information about a third party

and the privacy of end users or customers is therefore indirectly protected. In addition, the section of Proatia that deals with the correction of personal information is very relevant to privacy policies.

Until such time as privacy legislation is enacted, we recommend that all companies that collect personal information should have a privacy policy that complies with international best practice and which will most likely comply with future South African privacy legislation. The privacy policy should also comply with the provisions of Proatia and other relevant legislation to the extent that they are relevant.

Some General Comments

A privacy policy is a dynamic document and should be amended as the law relating to privacy and your business develops and changes. Your privacy policy should therefore be reviewed on a regular basis.

It is suggested that you alert users to the fact that their personal information will be dealt with under a privacy policy by way of a clear and prominently displayed notice at the bottom of each web page of your web site.

Similar:

  • Share/Bookmark

Tags:

You must be logged in to post a comment.

Copyright 2002 - 2010 Lematics. All Rights Reserved. Entries (RSS), Comments (RSS) and XML Sitemap. Designed by Bob