How to Create a Privacy Policy That Strengthens Your Brand Identity
Have you binged any of those trendy home organization shows?
If you're anything like me, seeing all the mess organized and color-coded is calming and so, so, so satisfying.
You know that when Clea, Joanna, or Marie get ahold of a closet, pantry, or entire house, there is a transformation. And, yes, it goes from disorganized to organized, but I’m not talking about the transformation of the room.
After the big reveal, the lucky person starts wearing their jewelry again or can find the lentils that are no longer buried in the pantry. The process forces you to purge what doesn’t make sense to hang onto anymore. Better still, it highlights what should be there.
It’s the same in your business. Taking stock to create a system forces you to only keep what matches your business values. When your systems are in line with your values, there's magic. The outside world begins to notice and it solidifies that identity you are building.
People prefer to buy phones from one phone manufacturer over the other.
It's because folks can see their identity in their policies and values. Why shouldn't your clients see the same in yours?
Convinced yet?
Great! Let's get started.
Do a data audit
Clea, Joanna, and Marie agree that the first step to getting organized is to take inventory.
So they head to your closet and basically trash it. Pull it all out. Make a huge, messy pile. Then see what's buried in the hidden depths.
We need to do the same thing, just with digital junk instead of your SO’s t-shirt drawer full of band tees from high school with holes in them.
Open an Excel or Google Sheet
Make a list of every piece of data you collect from your website visitors, potential customers, folks just creeping on your site, etc in column A. No one other than you can say what information that is. A family photography studio collects different data than a marketing agency.
Then in column B, explain where you get that information. It could be from multiple places. A person’s email might come in through your contact form hosted by your website, your newsletter subscription hosted by your email marketing software, an intake form from your project management or your CRM system. List everywhere it might come from.
Then in column C, ask yourself why your business asks for that information. Remind yourself of the reason.
In column D, think about if you move that information from one software to another or give it to anyone who isn’t a direct employee. This does include your contractors, so be careful here.
In the end, it should look a little like this:
Purge Unnecessary Data
Now go through the list you made and ask yourself the following questions:
Do you need that information?
Does that software or service provider spark joy?
Did you change how you operate and no longer need that information?
Do you vibe with the values and mission of the organization that you are sharing information with?
Do you trust they will take as good of care of your customers as your business does?
Do they share the same business values as you? Do you know if the money going out of your business is still serving your people when in another company's hands?
Do your service providers/contractors/etc make an effort to care for their employees the way you would?
Is that software, service provider or contractor-owned or managed by women and people of color?
See how once you have that list of service providers and data, you can comb through it with your business’ values and priorities.
For example, I use Flodesk for my email marketing and Plann for my social media because I believe we need to put more money in the hands of women and encourage flexible working schedules (even outside a pandemic) because they are both amazing platforms. They also both happen to be created and run by women and have remote teams that give employees flexibility.
PS. If those sound interesting to you, you can check out my affiliate/referral links for Flodesk here and Plann here.
Put it all together
Now it's time to get all that data organized in clear plastic bins sorted by color (or the digital equivalent).
There are a few things every privacy policy really must have.
In general, you have to tell folks what info you get, what you do with it, who you share it with, if you sell it, and how they can contact you to fix or delete that information.
It can be a little tricky considering how many different laws there are, but check out this post for a more detailed explanation.
Drafting Your Privacy Policy
A privacy policy for small businesses should include:
What data you collect
How you use it
Who you share it with
Whether you sell data
How users can contact you to update or delete their information
This step is crucial for ensuring privacy policy compliance and maintaining customer trust. Different laws regulate privacy policies, so be sure to check legal requirements or consult a lawyer.
Maintain and Review Regularly
Businesses and priorities evolve, just like your home evolves. The closet that made sense for a 10-year-old you is not the same closet of your badass self today.
Any time your business goes through a major change or at least once a year, it’s a great idea to take stock of the data and your providers. Check to make sure they still match your priorities. Then tell the world about who you are working with to make sure your clients and your values are a priority.
So, tell me, when was the last time you did a data audit?
If any of this made you rethink your policy on privacy policies, you can grab a lawyer-approved privacy policy over at the shop for 1/10th of what it would cost to have a lawyer write one just for you.
Disclaimer: This is only general information, not legal advice specific to your situation, and does not create a client-attorney relationship. If you need legal advice, please contact a lawyer in your area.