3 Steps to Turbo-Charge Your Data Privacy Policies
This is the third in a three-part series of tips and takeaways from DMA's Institute for Data Governance and Certification. The new, three-day certification course will be held first on July 18-20, 2012, at DMA's NYC seminar center. You can find the previous articles in the Related Content box to the left.
1. Plain Language
Make all of your privacy, data protection, and security language clear and easy to understand. Make it comfortable and assuring to your customers. Be sure that it reflects your overall brand value.
In doing a deep dive into brands' privacy policies, I have found quite a few that are complete and compliant. Unfortunately, they are not written in plain language consumers can easily understand, usually because lawyers direct the drafting of the language.
Revisit your language and consider having writers with expertise in promotional and brand advertising or marketing take a crack at humanizing your customer facing language. This will go a long way in clarifying your practices. To my mind, two standouts that reflect this manner of "plain language" excellence are Disney and Twitter.
2. Consider Adding a Separate Section on Security
The next wave of data-policy best practice will not be limited to a paragraph on data security informing customers that their data is safe and secure. Instead, state-of-the-art will involve a full call-out that addresses your best information security protocols—from how you employ physical and virtual controls to how you monitor and keep data safe from abusers and hacks—and all of the practices you recommend your customers employ in their dealings with you.
- If you have a log-in relationship with your customers, include a section on passwords, a strength indicator, and an indicator for personal preference.
- Provide a section on your data-monitoring processes, and think about engaging your customers in fraud alerts. Financial transactional sites are particularly prone to spoofing and phishing attempts by fraudsters who set up look-alikes to snag personal identifiable information (PII)—including account information from uneducated users and customers.
- Add a point-of-contact section to help customers understand that when they friend or follow your brand there are settings on their PCs and mobile devices that can keep their information and relationship with you safe and secure.
3. Include Definitions of Terms
Define terms that are common to data wonks, but are jargon to our customers. Take some of the important sections of your policy and consider defining "customer," "customer-to-be," "public information," "personal information" and "third-party information." This is a wonderful opportunity to create a customer-centric explanation about your treatment and handling of information, including with whom you might share and for what purposes. Every business that uses multiple channels and multiple touch points needs to find that voice that works for their brand.
Keep your data safe and secure!
Peg Kuman is vice chairman of Springfield, Va.-based data products, services and processing provider Relevate, and instructor of DMA's Institute for Data Governance and Certification. For more information, visit http://www.dmaeducation.org/dm-essentials/marketing_data_governance.php.