Privacy, Tracking, and Opting Out
How do you handle do-not-track requests? Interest-based advertising from ads served on your site by third parties? Remarketing tags/pixels and tracking cookies?
What about opting out from such tracking and interest-based advertising? Will you provide visitors with options to do so within the policy itself by following simple instructions?
Site Log-in Information
If your site permits visitors or customers to log in for access to parts of the site restricted from the general public, how are user names and passwords to be handled? Who is responsible under you policy for protecting the privacy of this information?
Privacy and Email Marketing
If a visitor can opt into an email list you have via your website, you should explain the privacy rights related to use of their email address.
Will you self-host the list or use a reputable third party autoresponder service?
Are you using co-registration? Co-reg means a visitor providing an email address is opting into multiple lists, and often these lists owned by more than just the website owner. This is particularly common in joint ventures and in lead generation (lead gen) marketing.
Will a visitor be required to confirm his subscription to the list or is simply entering an email address enough to join it? How can a subscriber unsubscribe from the list?
Related Article: How to Avoid Spamming with Your Emails
What if a visitor posts his email address on your site (e.g. in blog comments)? How should that email be treated by other site users? Should the information be protected? Is there a reasonable expectation of privacy? Or can others who see it email the person directly?