Whether you are a church, school, conference, or union, chances are you have a website. As a great tool for your ministry, websites can be used to keep your members or employees up to date on what is happening with your ministry. Your online presence provides a place for visitors to quickly contact your organization.
“As long as you stick within your policy guidelines and those guidelines follow legal standards, you receive a level of protection,” says Vargas. “You are letting visitors know what you are doing and if they do not agree with your policy, they can and should leave your site.”
Also, you must be transparent about any third-party vendors that collect and store visitor data. Third-party sites will have their privacy policies, and you must make it clear to your visitors that their policies may differ from your own.
- What information you are collecting
- What you will do with the information
- How you collect the private data
- How you store the data
- How you protect the information collected
- What period of time you hold collected data
- Who within your organization has access to the data
You MUST outline to your visitors not only how you use the collected data but also how you will keep the data safe.
In Canada, the Personal Information Protection and Electronic Documents Act, or PIPED Act for short, governs how companies obtain, use, and disclose personal data in the course of a commercial activity. Companies covered by the Act are required to obtain an individual’s consent when they collect, use, or disclose that individual’s data. Currently, Quebec, British Columbia, and Alberta have passed similar laws.
In the United Kingdom, the 1998 Data Protection Act outlines privacy principles for all companies and regulates how companies can obtain, use, store, or disclose personal data.
In the European Union, the Data Protection Directive and the new General Data Protection Regulation controls data privacy and require companies operating from the EU to obtain consent for the collection and use of any data.