It is your company’s obligation to be clear, upfront, and transparent about how you collect and store visitor information. Your website presents an opportunity to make money, but it also entails a certain level of responsibility on the part of your company to safeguard this valuable information.
In today’s environment where people are more suspicious about online companies, being straightforward is in your best interest. One of the key aspects in running a website is developing a privacy policy. Writing a privacy policy is a simple step that goes a long way towards retaining visitor trust for the long term. Here are a few things to keep in mind when writing a privacy policy:

Do Not Copy a Privacy Policy Off Another Website

It may be easy, but it is not the right thing to do. The privacy policy is a legal document; as such, it is important to know what you’re getting yourself into before publishing one. While a blog site may retain a certain level of freedom, this is not the case with a large ecommerce website.
An ecommerce website sells to customers: meaning, sensitive customer information is a necessary evil. Think of your business as the parallel of a retail store. A lot of small businesses use third-party payment processors such as PayPal to ensure the security of their customer’s sensitive payment information. Use of a privacy policy (together with the Terms of Service) will limit your legal liability in the same way PayPal would for your business.

State How User Information Will be Handled

The term “user information” is in reference to the personal data that can be used for identification, interaction, and offline or online marketing provided by the customer during the use of your website. This includes their E-mail address, credit card information, IP address, contact information, and social media information.
The site’s privacy policy should state how this information will be handled and stored. Most users are concerned with the threat of identify fraud. In the privacy policy, assure visitors that their data will not be misused or given/sold to third parties without their consent.

User Control over the Collected Personal Information

Nearly all websites have some kind of analytics software that measures bounce rate, conversion rate, and click-through among users. Given this sophisticated level of data collection, what kind of rights do the visitors have over their details? Be clear on what they can do to exercise their privacy. How can they contact you to exercise such controls?
The above are just some of the concerns you need to address. Depending on your business, you may need to be more specific about the measures that are taken to ensure continued user security and privacy. It is also important to stay up-to-date on the latest security processes as the online world continues to evolve.
About the author: Elias Chininis is a student at Georgia Tech studying Business Administration with concentrations in Marketing and IT.  Born and raised in the Atlanta area, Elias hopes to start his own business but for now is focused on completing his education.  He currently works in the online marketing department for San Diego’s Top Tree Service.