Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Prudence: Safety First
As important as easy and quick shopping is safe shopping. Safety comes in two flavors: credit card security and personal privacy.
Remember when the web promised to level the playing field of commerce? Anyone could set up an e-commerce site that for practical purposes looked as credible as a big e-tailer. That's the beauty of the Net. But when it comes to concerns about credit card security and personal privacy, consumers want to know how secure their private information is, how it's being used, and whether their credit card is at risk when punched into an order form and sent flying through cyberspace.
A certain amount of trust must be established between you and your shoppers. They trust that you've taken the best measures possible to protect their credit card and personal information. Even so, you need to inform shoppers that you're concerned for their security and privacy. People are concerned that their personal information—even their identity—has been compromised on the Net. You have to make it very clear that your site is safe for credit cards, and the personal information collected in the course of the order is protected.
Telling your visitors and customers how you'll use personal information that you gather on your site goes a long way in building this trust. You should have a Privacy Policy page on your site that's accessible from the footer of every page on your site.
Here are some more privacy pointers to keep in mind:
Inform the visitor that you're collecting information. If you think your company is not collecting information from visitors to your site, think again. Most web sites maintain logs that contain some information on every visitor to the site. If you maintain a site log, you're collecting information. Your privacy policy should disclose the collection and use of this site log data. Also, companies make routine disclosures of personal data to their lawyers, auditors, computer service companies, and sometimes under subpoena. None of these disclosures are terribly bothersome, but they should be mentioned in the privacy statement.
If you're planning to use a customer's data for marketing purposes, give the customer the choice to participate or opt out. Don't automatically subscribe a visitor to your newsletter or send email promotions without asking permission first. Have the user choose to opt-in to any ongoing communications with your company. This means keeping the "Would you like further information from our company?" box unchecked and have the customer or visitor manually check the box himself. Then give him or her the option to easily opt-out later.
State that any and all information you keep on your customers is kept secure and that no other party has access to it. If you're keeping personal credit histories and credit card numbers on file, how are those numbers being protected from hackers?
Make sure that regular folks can read your privacy policy. Leave out the legalese and tell it in straight, easy-to-understand language. Remember to be clear and concise and state everything that you will and won't do. If you don't have a privacy policy page, the Direct Marketing Association can create one for you.