By Will Elton, published: 2023-08-18
1. What information will you collect from your visitors?
Doing this ensures that you are transparent with your website visitors and users regarding what information about them that you are collecting and what types of activity you are monitoring.
2. Will you use the collected information in another country?
You have to state explicitly all the countries and territories where you will store or use the data.
Note: Be extra careful using a hosting service provider with overseas servers. You may be subject to additional provisions that restrict transfers of personal information.
3. How will you use the data you collected?
It is crucial to specify the purposes for which you will use the information you have collected from your users.
We recommend that you create the most extensive list possible to keep possibilities open for the future.
Even if you are currently only using the data for record-keeping, there might come a time when you want to do direct marketing!
Cookies contain a small file of letters and numbers stored on the browser or hard drive of the user’s computer to help websites provide them with a good experience when browsing the website.
There are different types of cookies. Some identify users and track website performance to give visitors a more personalised experience.
Others help analyse the effectiveness of website content. The four most common types of cookies are:
Strictly necessary cookies are required for the operation of your website. They include, for example, cookies that enable the user to log into secure areas of your website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies allow you to recognise and count the number of visitors and see how they move around your website. This helps you improve how your website works, for example, by ensuring that users find what they are looking for easily.
Functionality cookies recognise the user when the user returns to your website. This enables you to personalise your content for the user, greet the user by name, and remember the user’s preferences (for example, the user’s choice of language or region).
Targeting cookies record the user’s visit to your website, the pages the user has visited, and the links the user has followed.
You must specify what type of cookies your website uses and explain what kind of information these cookies will collect.
Not technically-savvy? The Zegal app provides helpful and precise definitions that guide you through drafting each agreement.
5. Can children use your website?
Can individuals below a certain age use your website? If so, you must implement safeguards to ensure compliance.
If your website collects personal information from individuals within a specific age range, it’s essential to specify the age group.
The GDPR policy places strict requirements on protecting the personal data of children. If you rely on consent as your lawful basis for processing data, children should be at least 16 years old.
6. How can users access and update their info on your platform?
Under the law, individuals have the right to check whether you hold personal data about them, access that data, request that inaccurate data be corrected, and ask for removal or deletion of the data.
Therefore, you must provide a contact person and full contact details (including name, address, telephone number, fax number & email address) that users can contact to assess or correct the data they have provided.
Under the PDPA, organisations in Singapore are required to designate at least one individual, known as the Data Protection Officer (DPO), to oversee the data protection responsibilities within the organisation and ensure compliance with the PDPA.
Appointment of a DPO is also implicitly required in Hong Kong under Data Protection Principle 1.
Hence, you will also need a clause that states how users will be notified of new policy changes.
Now, preview your document:
And you’re done!
Running a business may be challenging, but with the right processes and documents, you can build prudent legal protections and ensure you stay compliant.
Ready to get started?
No commitment, no credit card required.