You can be on Entrepreneur’s cover!

A Seven-Step Guide to Protecting Customer Privacy By following these tips, small businesses can create a privacy plan that boosts customer trust -- and sales.

By Riva Richmond

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

Protecting Customer PrivacyThink protecting customer privacy is only an issue for business giants like Facebook and Sony? Think again.

Many small companies have lost customer trust or even been sued over privacy mishaps in recent years. And they're likely to face more problems as digital data files grow in size and importance to modern business.

You are legally, if not morally, obligated to treat your customers' private personal data respectfully and fairly. But protecting customer privacy need not be a drain on your company. Done wisely, it can create customer goodwill and even lift sales, while reducing business and legal risks.

Such a strategy involves more than securing a network from hackers and posting a boilerplate privacy policy. Here are seven steps that can help you build a comprehensive and effective privacy plan:

1. Conduct a data privacy audit.
Step one is to understand what data your business needs, what data it's collecting and how data is being stored and secured. Consider also your legal obligations if you handle medical, financial or minors' data.

Businesses sometimes collect more data than they realize because they've used third-party software code that does so automatically or because a partner, such as an advertising network or analytics company, is pulling data.

Related: Three Tips for Using Public Wi-Fi Safely

Lack of attention to this data collection is what often sparks a crisis, says Jules Polonetsky, director of the Future of Privacy Forum, a Washington, D.C., think tank. But you can avoid trouble by making sure someone in your organization is responsible for data privacy, be it a full-fledged chief privacy officer or simply the marketing director.

"No one ends up knowing what is collected and kept from beginning to end unless someone is in charge of that," Polonetsky says. "Someone needs to be accountable."

2. Minimize data collection and retention.
What you don't have can't hurt you. Privacy advocates recommend that companies collect and store only data they need to deliver their product or service. Sometimes businesses gather extra information because they think they might want it in the future. But doing so increases risk. Data can be lost or stolen by hackers, and customers can mutiny if they feel you're asking unnecessarily intrusive questions.

3. Secure the data you keep.
Even if you don't take credit card numbers, other personal data you keep could be valuable to identity fraudsters. It's embarrassing, not to mention costly and damaging, to tell customers their personal information has been compromised in a hack. And such disclosure is often legally required. So be sure you have secured your network, databases and website.

Related: What to Do If Your Business Gets Hacked

4. Post a privacy policy.
Commercial website owners are required by law to post a privacy policy. And most app platforms also require one if your app transmits data. It isn't enough to cut and paste a boilerplate policy. Regulators consider privacy policies legally binding agreements between you and your customers. You should describe your current business practices fully and accurately.

Fortunately, there are online tools that can help you create a privacy policy. PrivacyChoice, for instance, offers a free online tool called Policymaker to help develop policies for mobile apps and websites, as well as consulting services for a fee. Another option is TRUSTe's Privacy Policy Generator, and packages of related services ($499 and $995 a year).

5. Communicate with customers.
A privacy policy is a legal document that customers rarely read. But they do expect simple and clear descriptions of company data practices at key moments, such as when they're asked to provide data and when you add new features to a product or service or make policy changes.

Privacy advocates and industry groups such as the Online Trust Alliance recommend direct and upfront communication with customers about data you collect and your plans for using it. That's especially important for small companies without recognized brands that people know and trust. Most consumers will happily supply personal data necessary for a service they want. For instance, Amazon.com keeps purchase data and uses it to deliver product recommendations that millions of customers embrace.

Related: What Technologies Banks Should Be Using to Keep Your Money Safe

6. Give consumers a choice.
Recent research suggests customers expect settings and features that let them choose whether to share data, not sweet words about your respect for their privacy, Polonetsky says. They want to see signs that businesses are "serving" them, not "selling" them.

7. Provide a forum for complaints.
Give customers an online form or email address for communicating their privacy problems or concerns. And be sure to respond to their messages. Such two-way communication can help build trust and loyalty -- and help avoid potential privacy crises.

"Don't think you're too small to be noticed in this world of savvy critics," Polonetsky says. "One aggrieved customer on Twitter … can send the most minor complaint viral."

Riva Richmond is a freelance journalist who has covered technology for more than a decade. She focuses on computer security, privacy, social networking and online business and has written for The New York Times, The Wall Street Journal and other national publications. Previously, Riva was a technology reporter at Dow Jones Newswires and regular contributor to The Journal's "Enterprise" small business column.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Leadership

What We Have to Gain By Talking About Grief and Loss At Work

I lost my husband to cancer during Covid — here's how it changed how I lead at work.

Money & Finance

5 Simple Wealth-Building Tips For This Generation's Forward-Thinkers

Explore practical finance tips for young professionals striving to overcome economic challenges.

Fundraising

Avoid These 9 Pitch Deck Mistakes When Asking Others For Money

Crafting an efficient pitch deck requires serious effort, but at least it's not wandering in the dark since certain rules are shaped by decades of relationships between startups and investors.

Business News

Mark Zuckerberg Says This CEO Is the 'Taylor Swift' of Tech

Meta's CEO posed with Nvidia CEO Jensen Huang on Instagram Wednesday.

Growing a Business

To Achieve Sustainable Success, You Need to Stop Focusing on Disruption. Here's Why — and What You Must Focus on Instead.

Instead of zeroing in solely on disruptive innovation, embrace a pragmatic approach to innovation, recognizing and leveraging the potential within ongoing industry shifts.

Real Estate

3 Emerging Trends Shaping the Future of Real Estate

These three innovations are reshaping the real estate industry — discover tips for effectively covering these trends.