What are Privacy Centers and Should You Have One?
If you run a website or a mobile app, and you collect data from your users, then it's a good idea to create a Privacy Center. A Privacy Center lets your customers find everything they need to know about your Privacy Policies in one convenient location, and they're designed to make it easier for users to stay in control of their personal information.
Privacy Centers are becoming increasingly popular with businesses of all sizes, and it's not just because Privacy Policies and clear privacy practices are often required by laws such as the General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA). It's because users care about what happens to their personal data and they want to control:
- What personal data a company can access
- How the company handles this data
- Whether the company sends or sells the data to third parties
- How easily a company can "forget" their personal data and unsubscribe them from company services
- The marketing they receive from companies and the advertisements they see online
Privacy Centers make it much easier for companies to address all of these concerns and more, all from one single location on their website.
The typical Privacy Center contains the following:
- Terms and Conditions
- Frequently Asked Questions (FAQs)
- Support and Contact Information
Some Privacy Centers have links to more comprehensive information, but for now, just bear in mind that no two Privacy Centers look alike, and that's okay. There's no set formula.
Furthermore, a Privacy Center is not mandatory. Many businesses, such as very small businesses, do not use them. However, Privacy Centers are very straightforward to set up, and they demonstrate your commitment to data protection and legal compliance. As such, you should seriously consider implementing a Privacy Center.
So, if you're planning on setting up a Privacy Center, here's what you need to know.
What are Privacy Centers?
Privacy Centers are essentially interactive support tools. They're a way for users to quickly and easily find whatever information they need about your Privacy Practices at any given time.
Put simply, Privacy Centers should be designed in such a way that users know where to find further information, and how to contact you for further support. They're a map of your Privacy and Data Protection Protocols, and they should be easy to read.
In some ways, you can look at a Privacy Center as a professional business tool. By looking through your Privacy Center, users should instantly feel like you take their personal information seriously, which makes them more likely to do business with you.
Above all, a Privacy Center is designed to be:
- Easy to navigate
- Visually appealing
- Informative but easy to understand
We'll shortly take a look at how to design a Privacy Center in more detail, but first, it'll help to see what a Privacy Center looks like before going any further. Here are some examples of what good Privacy Centers look like at first glance.
Scroll further down the page and you'll find a rundown of the most frequently asked questions (FAQs) that EE customers have about EE's Privacy Practices. By clicking on the questions, customers can find the answers they're looking for, or they're shown where to go to find out more information:
Tesco is another good example of a clear and user-friendly Privacy Center. The homepage is well-organized and designed to help users find the information they need as quickly as possible:
For even more ease of access, Tesco includes standard footer links to each of these policies as well as directly to the Privacy Center on every page of its website:
So, now we're a little clearer on what Privacy Centers look like and how they function, here is an overview of when you should seriously consider implementing one.
When Should You Have a Privacy Center?
Privacy Centers are typically much easier to navigate than lengthy Privacy Policies because all the relevant information is broken down into clear subsections and subpages. Privacy Policies are often lengthy and detailed, and consumers don't always understand them fully.
Privacy Centers are designed to tackle this problem.
You Collect Sensitive User Data
Customers are often wary about giving sensitive information, such as medical or financial information, online. By creating a Privacy Center, you can quickly and clearly explain why you need this information, what happens to the data you collect, and how you properly safeguard this information. You'll also just appear more trustworthy and cautious.
Here's an example from Capital One Bank. The bank understands that protecting sensitive financial information is of the utmost importance to its customers. As such, it gears its Privacy Center towards explaining how it protects this data and how customers can take control of their financial information:
Note how Social Security numbers are given their own section here since they're such a sensitive piece of personal information and users will likely be very concerned about sharing this information without proper security assurances.
Sections are also prominent where users can view their rights, see what choices they have and manage their personal data.
You Collect High Volumes of Data
Depending on your business, you may collect various types of personal information and you may collect it for multiple purposes. You may also share it with multiple vendors and third parties.
Here, for example, is how Facebook handles its high data collection volume. There's a Privacy Center homepage with multiple, clearly-defined sections explaining how users can control their Facebook experience and find out more information about specific aspects of data privacy:
At the bottom of the page, there's a link to each of Facebook's legal policies for more detailed information on each topic, which is very useful:
When you click on one of these links, for example the Data Policy, you'll find a highly detailed but clear and concise page full of the information that Facebook users need to make decisions about their privacy:
Since Facebook processes high volumes of data, it makes sense that it has such a comprehensive Privacy Center. Your business likely wouldn't need something quite as robust.
Now, let's look at how to design your own Privacy Center, and what the typical Privacy Center includes.
What to Include in a Privacy Center
Although no two Privacy Centers look the same, they often have very similar features and components. As you'll see, the main aim is to make it easier for customers to take control, learn about your Privacy Practices, and adjust their privacy settings.
Cookies are small data files that are stored on someone's computer when they visit a website. They allow the website to remember the user and certain preferences, such as their password.
This breakdown helps users navigate complicated sub-topics easier while still having full and easy access to the complete legal agreements.
Facebook includes a link to its Terms in a sidebar on its main Privacy page:
You'll notice that Facebook also uses bright colors and a clear layout to separate different sections from each other. This is very helpful for busy users who can see, at a glance, where to find relevant information. Always use clean, clear, engaging layouts in your Privacy Center.
Twitter also links directly to its Terms from its main Privacy Center. It sets out two main subsections - one where users can adjust their Twitter profile settings, and one where users can learn more about Twitter's various Privacy Practices. The Terms are part of these Practices:
Top tip: Include links to full versions of all your Policies and legal agreements in your Privacy Center for ease of access.
Customers often ask the same questions about Privacy Policies. To save them the trouble of contacting you or wading through lengthy Policies, leave answers to these questions in your Privacy Center. Include links to where users can find further information.
eBay, for example, sets out its common questions in a page helpfully located beside its main Privacy Notice in its Privacy Center:
The questions are clickable, meaning they quickly open without the hassle of leaving the main question page. This lets users easily browse as many questions as they need to without clicking back and forth between pages:
You'll note that the above question also includes a link to eBay's complete Privacy Notice, which consumers can view if required.
Support and Contact Information
No Privacy Center is complete without making it easy for customers to contact you for further information. Include clear links to your contact details, and where customers can get help and support if they need it.
Top tip: Make it easy for customers to exercise their right to contact you and discuss your Privacy Practices.
Although a Privacy Center isn't mandatory, you should seriously consider creating one for your website.
A Privacy Center helps your customers find direct answers to their questions in as little time as possible. It also clearly sets out the key points from your Privacy and Cookie Policies, which gives consumers trust in your organization and proves that you care about their personal data.
If you design a Privacy Center, always include:
- FAQ section to summarize common questions
- Your contact details
Choose a user-friendly layout and make proper use of subheadings, images, colors, and text boxes to enhance the consumer experience and present a professional front to your organization.
Remember, always keep things simple for your customers. Make it easy for them to change their settings and stay in control. Include multiple edit setting links such as the one above so customers are never far from an opportunity to adjust their settings.
You'll benefit from customers who have a clearer idea of how your company handles their data and a renewed confidence in your Privacy Practices, including how they can exercise their legal rights.