Details on what defines a user, the website, and any other relevant party.
How data is collected on your site.
What happens to the collected data is used once it’s been obtained.
What the visitor can do to make sure their data is deleted.
Another thing to note is whether you have any third-party sites collecting data on your behalf. Some examples include marketing software such as Mailchimp, Pardot, Documatix, etc. Another use case is whether you have payment gateways on your site that require users to pay via credit or debit card, or PayPal.
Policy (what personal information is being collected on the site)
Choice (what options the customer has about how/whether her data is collected and used)
Access (how a customer can see what data has been collected and change/correct it if necessary)
Security (state how any data that is collected is stored/protected)
Updates (how policy changes will be communicated)
Finally, having a lawyer check the final verbiage before it goes live is always recommended so you can make sure the policy captures all the nuances your website and your business may need to cover. Have questions? Please feel free to reach out to the team at ZAG Interactive. We are happy to advise you on best practices for privacy policies that incorporate all elements as part of a website redesign or marketing initiative.
Sources: Identity Theft Resource Center, Termsfeed.com