Keeping Privacy in PII
by Julia Giacoboni, Director of Product Marketing
From your credit card and Social Security Number (SSN) to the crossword puzzle app on your phone, data unique to your person is constantly being collected. As a user, you might not always recognize this is actively happening. However, if personal information is being identified, you have agreed and opted in somewhere along the way. The websites, products, and companies that are collecting your information are required to follow a handful of best practices and laws throughout this entire process.
As companies and marketers break free from the walled gardens where data is currently utilized and instead begin to work with unique first-party data, the topic of usage and data privacy compliance has become the top priority.
PII Breakdown
Every day, we read articles about new data rules and legislation, including terms like robocalls, out-outs, location tracking, and the latest key phrase to pop up everywhere—PII.
PII (Personally Identifiable Information) can be any point of information that leads to a specific person. It comes in a variety of formats—from a home address or full name to bank account numbers or a tax ID—with many of these points being pieces of data that are unique to one single person. These pieces of sensitive and non-sensitive information get shared with companies and sites through many avenues—for example, through online forms.
In the growing cookiepocalypse, having an arsenal of first-party data and PII to power your marketing is an asset. BUT! Collecting and having access to PII comes with a lot of rules and regulations that are constantly expanding as technology advances.
As the AdTech landscape quickly evolves and data privacy regulations become more stringent, it’s critical for data collectors to stay focused on keeping people’s personal information secure. The best practices outlined in this blog can help serve as a guide to building.
Privacy Policy
An effective, comprehensive privacy policy is required by law, and outlines data collection and use. Some immediate reactions would be to think that no one will ever look at this page—but this document is easily the most important page to have on your website!
Your privacy policy serves as a guide and an outline to your internal team as well as to your customers. It should be a lengthy document, covering anything and everything related to customers and the data that is shared about them. This document is the place to note if data ever gets sold to or shared with someone else, and what the conditions would be for that to occur. Other topics to cover include the types of data collected, an outline of usage and purpose, and an overview of user rights. Finally, a physical address, email, or phone number must be listed as a means of communication.
Best practices include reviewing and updating the documentation regularly as well as ensuring it’s an easy-to-comprehend document, using plain language over technical jargon.
Privacy Hub
The rules regarding data, PII, privacy, and privacy compliance are constantly changing. There are currently no federal PII laws in existence in the US –– all organizations follow a lengthy list of other state and PII-specific privacy laws. For this purpose, we built our own Privacy Hub to highlight, link to, and further explain the privacy, data, and PII landscape to our website visitors who want to know more.
While it’s not a requirement to have this on your site, building and maintaining a hub can have a variety of benefits.
Firstly, it requires your team to research, learn, and be in the know about the latest updates and privacy news, as someone needs to make sure the hub stays accurate and up to date. Managing the hub means ongoing education directly related to the most recent data, PII, and privacy information, therefore requiring tech and data teams to adapt and grow along with it.
The other perk? Housing all this documentation in one easy-to-access place shows in good faith to your visitors and patrons that you are keeping up to date on the quickly changing landscape of data and privacy legislation.
Partnerships
The world of privacy compliance can get murky as technology evolves—and you’re not going to want to travel into these uncharted waters alone. Having resources that can provide professional assistance, guidance, and insight is key to keeping your company, tech, and efforts in tune with –– or even ahead of –– the developing PII world. This can be in the form of a lawyer, general counsel, and/or partnering with a company that can guide you in reference to privacy management, data governance, and PII consent and preferences.
Publicly referencing these as a source helps let your partners, vendors, and any prospects, clients, or customers know that you are following the rules, aiming to keep data safe, and that adhering to PII and privacy best practices is a top priority.
As companies, products, and technology in general continue to expand into new territory, having a trusted professional in the tech and privacy space to reference when it comes to the hard-hitting questions is insurance worth taking advantage of. This can also help cover the bases regarding customers and cookie consent, unsubscribing, opt-ing out, and the process of organizing and auditing that data for compliancy, which we will discuss in Part II of our series.
At the end of the day, one of our main goals, as with many technology or product companies, is to provide value. Additionally, we always want to show in good faith that customers, their satisfaction, and security are taken seriously—and that we create processes and make investments in that.
Our software is up to date on privacy compliance. To see the value we can provide you, schedule your demo here.