- creates contractual rights and obligations, and is essentially your promise to the world about how you will treat personal information;
- is also a trust and brand building exercise in that it reassures people, and makes you more likely to succeed in collecting their personal information;
- is the mechanism through which you comply with many parts of POPI, by allowing you to specify your purpose, be open about your processing, and allow a data subject to participate.
- Does it comply with the latest law?
- The structure of the policy.
- The language of the policy. Is it in plain language?
- Is it likely to make your customers or employees (whichever situation it applies to) trust you as an organisation.