What should your privacy policy cover?

As a business, you deal with a lot of personally identifiable information on a daily basis. It can come from anybody who interacts with your business. It could be your clients, your vendors, employees, etc. You need to have a privacy policy declaring how you, as a business entity, will be using that data. There are 5 key elements that a privacy policy must touch upon. They are

Information about the data you are collecting

Your privacy policy needs to spell out what kind of PII you are collecting. Make sure you cover all possible data --right from something as ambiguous as first names to the more important ones like credit card information.

Information about how the data you collect will be used

The next step is to state how you will be using the data you procure and for what purposes. For example, if you will be using the data to reach out to customers at a later date to market your products and services, you need to state that.

Information about data sharing

Who will you be sharing the data with? You need to identify who you will be sharing the PII with. For example, it is possible that your vendors or partners may have access to it. You need to declare this clearly in the privacy policy.

Information about data security and storage

Your privacy policy should identify how you will be storing the PII. You also need to discuss the security measures you will be taking to keep it safe.

A bit from the customer’s perspective

The first 4 elements discussed here pertain to disclosure of information regarding data collection, sharing, storage and security. These are all from the business’s perspective. The final item in the privacy policy covers the rights of your visitor. Your privacy policy must mention

• How visitors can see what PII of theirs has been procured
• Correct or update their PII
• What recourse visitors can take if there’s a breach of the privacy policy

Be sure to cover all these 5 areas when drafting your privacy policy. You can also run it by a credible MSP or ask them for a template or draft.

• NOTE: This blog is for informational purposes only and designed solely to encourage awareness of this complex topic. To learn more, contact legal and technical professionals for advice.

7 Tips for creating a great privacy policy

A privacy policy is not just a legal requirement, it is a tool to help earn your customers’ trust and to protect yourself. In many ways, it sets the stage for the next steps such as data security, sharing and storage. In this blog, we share 7 tips that will help you when drafting your privacy policy.

1. Update your privacy policy if there’s a change in any process or procedures related to any of the 5 key elements of the privacy policy (data procuring, storage, security, sharing and customer rights) and notify your customers of the update. Even a simple pop-up on the website, telling them you have made some updates to the existing privacy policy and they need to ‘accept’/ authorize the new one, will do.


2. You need to make sure the privacy policy is a part of your website’s sitemap or clearly visible in the footer. The goal is to ensure it is easily accessible to your website visitors, in case they wish to read it. With the same goal in mind, we recommend that you keep it simple. There’s no need to use fancy words and jargon in your privacy policy. Just ensure it covers and conveys everything.


3. Give a link to the privacy policy wherever it can come into play. For example, before filling a form (for demo/appointment/asset download), before check out (at the time of a purchase) or even just as they enter your website.


4. Don’t forget the cookies! If your site uses cookies to store visitors’ preferences with the goal to offer a more personalized browsing experience, you need to let your visitors know of that. A pop-up on your site during their first time visit is a good way to do this.


5. There are many websites online that you can use to get a template or a framework for your privacy policy. A great resource to get started with is the Better Business Bureau’s privacy policy template. They have privacy policy templates customized as per the state you operate in. Here’s a link to one of them- https://www.bbb.org/greater-san-francisco/for-businesses/toolkits1/sample-privacy-policy/


6. Make sure your privacy policy mirrors the standards for the industry you are in. For example, a privacy policy for a business that sells products may differ from that for a service- oriented firm. An accounting firm or a healthcare service provider may have to cover more ground in their privacy policy owing to other regulatory requirements than a simple ecommerce based product seller.


7. Stay abreast with developments that may affect your privacy policy. The GDPR is one of them. If you are afraid you won’t be able to keep tabs on such news, ask your MSP and legal counsel.

If you are too busy to draft a privacy policy that suits your business or are just not sure if you have covered everything that you need to, it may be a good idea to sit with your Managed Service Provider and have them review your existing policy or create a new one for your business.

• NOTE: This blog is for informational purposes only and designed solely to encourage awareness of this complex topic. To learn more, contact legal and technical professionals for advice.

What is a privacy policy and why do you need one

Your business is privy to a lot of data. A lot of information flows in from clients, vendors and even your employees. This includes Personally Identifiable Information (PII)--data that can help identify an individual and perhaps even get in touch with them. A privacy policy tells others how your business will be using all the PII.

You may not realize it, but you are collecting PII everyday! Instances where your business is collecting PII is when you have a form on your website asking for details such as name, phone number, address or city, etc. that visitors have to fill out to schedule a demo or an appointment with you, to download a whitepaper, or a form that they need to fill online at the time of purchasing your product or service--even something as simple as making an online payment on your site entails sharing their PII with you. As a business, before you gather PII from anyone, as a business, it is your legal responsibility to have a privacy policy in place. The U.S., as such, doesn’t have a federal law that makes a privacy policy compulsory, but many states in the U.S. do, which pretty much makes it a must-have, no matter how big or small a business you are. Other than that, here are a few reasons why you need a privacy policy.

It can protect you in the court of law

A privacy policy is more than just a legal requirement. Not just a legal requirement, having a privacy policy can safeguard you from potential lawsuits. Having someone accept your privacy policy can protect you as long as the information and the way in which you used/shared/stored it was covered in the privacy policy and authorized by the party in question.

It enhances your brand image and helps build trust

By having a privacy policy in place, you will be perceived as someone who takes data and information security of your clients seriously. This naturally enhances your brand image and helps build trust.

In short, a privacy policy is indispensable if you run a business. If you are too busy to look into drafting one, get in touch with a MSP to help you with the nuances of creating a privacy policy.

• NOTE: This blog is for informational purposes only and designed solely to encourage awareness of this complex topic. To learn more, contact legal and technical professionals for advice.

3 ways Office 365 helps cut down your IT costs

Want to switch to Office 365, but are not sure if it is cost effective? In this blog, we discuss three ways in which Office 365 can help bring down your IT costs.

You don’t have to pay upfront

When you subscribe to Office 365, you can pay the licensing fee on a monthly basis. It is more of a pay-as-you-go format. In the traditional Office set-up, you had to pay for the number of licenses you bought and they were yours to keep--but, at the same time, they were tied to the device you bought them for, meaning legally, you could install them only on the device you bought them for.

You are paying only for what you use

In the traditional set-up, you are paying for installing and using the software program on individual devices. That means, if you cut down on staff or use seasonal staff, or staff working remotely from home or other locations, they won’t have access to the programs. With Office 365, you are paying per license, irrespective of the device you are using it in. That means anyone can access it, from anywhere, using their credentials. This flexible approach to Office also makes it easy when you scale up or down in terms of staff.

Great admin tools

Office 365 offers IT administrators tools that provide a lot of control and visibility over activities related to Office. Here’s what administrators can do with the new Office 365

• Create and delete users
• Manage users by creating user groups based on user roles and requirements and set different access and permission levels for each user group
• Manage the security of data in Office 365 by setting access restrictions, password expiry, etc.,

Using the admin control tools, administrators can generate reports that tell them usage patterns, draw attention to bugs, or program downtimes. The reports also provide usage patterns which can help you streamline subscription costs.

So, what are you waiting for? It’s time to make the switch to the more powerful, efficient and cost-effective version of Office. Talk to a Microsoft licensed MSP today!

Your guide to Office 365: Part-II

Last week, we provided a brief introduction of what Office 365 is, and touched on some of the benefits it offers. This week we look at a few more pros of Office 365.

More efficient

Office 365, being the recent version of Office, is one of the most efficient versions. It can boost your productivity better than traditional Office.

Offers a good number of support tools

Office 365 is more than Word, Excel and PowerPoint. It offers plenty of other support tools that make collaboration easier and can help boost the overall productivity of your team. Examples include-Sharepoint, Skype for business, OneNote, etc.,

Mobile compatibility and real-time synchronization

Office 365 is mobile compatible and has its own app that you can download on your phone and use to access and edit your Office files anytime from anywhere. Plus, since the files are in the cloud and can be shared with others, it also lets multiple people work on the files simultaneously.

Upgrades are much easier

Since Office 365 is online, you don’t have to do software updates or version upgrades the old-fashioned way, for each device. Updates and revisions can be both expensive and cumbersome, so businesses tend to stick with the older version, rather than paying for and installing a new one. This can create security issues. In Office 365, you get automated updates and version upgrades and these can be applied across all your accounts at once.

If you are already well versed with the traditional office, you don’t have to worry about Office 365 being any different. Microsoft has not made any significant changes in the cloud version of the Office that will cause confusion for users that are used to the desktop version. But, No matter how easy a software suite is to install and use, ensuring it is updated regularly so that the security patches are in place and the tool is in compliance with industry regulations and standards can be time-consuming--especially when you have a business to run and customers to attend to. Consider getting assistance from a Managed Services Provider (MSP) who is authorized by Microsoft to provide Office 365 services for you. Office 365 also has multiple versions of it--each suitable for different business sizes/uses. Your MSP will be able to guide you well as to which version suits your needs best based on your business and industry.