Page 42 - PHG_Q&A_Eng.indd
P. 42

The importance of a privacy policy for your
            business

            April 2018

            “I’ve been working with developers to take my business online. They have
            advised me to make sure I have a proper privacy policy drawn up for my
            website. Is this really necessary or can I just use a standard one from the
      Commercial  In an era where personal information is collected, shared, and sold to third
            internet?”

            parties for commercial gain or benefit, often without the knowledge or consent
            of the consumers, people want to know how their personal information will be
            handled by businesses and to whom and for what purposes such information
            will be transferred. Transparency in the use and protection of data establishes
            trust between a business and the public it wishes to engage with.

            A privacy policy explains to the public how your business collects personal
            information and data, how such information will be used and stored, what it is
            used for and how, and with whom such information will be shared and for what
            purpose.

            A privacy policy  on your  website will  allow users of  the website  to make an
            informed decision as to whether to use your website or refrain from doing so.

            It should be noted that the Protection of Personal Information Act 4 of 2013
            (which has been signed into law but has not yet come fully into effect) (“POPI”)
            should be factored into the formulation of an appropriate privacy policy for
            your business. In terms of POPI, reasonable practical steps (through for example
            a privacy policy) must be taken to ensure that data subjects (the persons
            whose personal information is processed by your business) are aware of who is
            processing their personal information, why such information is being processed
            and whether the supply of the information is voluntary or mandatory. POPI
            further requires responsible parties to inform data subjects of the nature and
            category of personal information that you collect from them.
            A proper privacy policy for your online business should be constructed to be
            read together with the terms and conditions of use of your website, as well
            as your access to information manual (required in terms of the Promotion of
            Access to Information Act 2 of 2000).

            As this is a specialist area, we support the recommendation of your developer
            to  engage  the  support  of  a  data  specialist  or  POPI  expert  to  assist  you  in
            developing a tailored privacy policy for your business. This is a far better and
            appropriate way to establish trust with your consumers than just copying an
            example from the internet.






            37
   37   38   39   40   41   42   43   44   45   46   47