Besides the fact that your business may be subject to wide-reaching data privacy and protection laws such as the General Data Protection Regulation (GDPR), you could be collecting data about your users without even realising it.
For example, all websites collect log data by default, which consists of information such as a visitor’s IP address. Under the GDPR, this is considered personal data as it can be used in combination with other data to personally identify someone.
Perhaps your business keeps records of customers who visit your physical premises to assist COVID-19 contact tracing efforts.
Again, people’s names, phone numbers, email addresses, and details of their whereabouts are all personal data that is subject to certain regulations.
To protect your business and customers, we recommend adopting a proactive approach by publishing a policy which discloses your data collection and privacy practices.
As everyday consumers are growing increasingly concerned about their privacy, transparency is a must for businesses both online and offline.