The policy must be presented in a way that makes it easy to understand. One way which works well is to use a layered approach. The idea behind a layered policy is that people can quickly and easily read a simplified version of your policy, and find a digestible version of how their data will be used. The ‘layered’ element allows them to click through to find out more if they desire, with each layer displaying more information.
Having an essay at the point of data capture will not suffice, as people do not want to have to read War and Peace to find out how their data will be used. Similarly, just having a few sentences is not adequate, as this does not fully explain all the ways the data will be used. Having a layered policy allows you to both provide detail, and quickly explain how people’s data will be used by your organisation, in order to gain the appropriate and specific consent.
Have an opt-in consent option. That way you can prove that people saw your policy. The most common way for this to be done is through a tick box which indicates consent.
It is your contract with the user to collect and use their data in a specified way, and for that purpose only.
The Data Guardsman software contains a simple policy builder, that creates policy documents in minutes, that are bespoke to your business. For more information on this, click here.