by François Daigle Director, Professional services and trainingOkiok Data
by François Daigle Director, Professional services and trainingOkiok Data
Collecting customer’s personal information is easily accomplished through Web forms, but you should be aware of the potential pitfalls of maintaining these records.
Choose a person within the organization to coordinate data collection, even if it’s not a full-time job. That person should know the disclosure laws and be familiar with legislation like PIPEDA (Personal Information Protection and Electronic Documents Act)
Some organizations will prefer outsourcing those responsibilities. They should make sure they choose a partner who fully understands their privacy compliance and management issues.
It’s important to create a privacy policy for information management that includes protection of personal data. The precise wording depends on the industry and the relationship the company has with its customers.
A privacy policy doesn’t need to be long and complex. The longer it is, the less it will be read and the more difficult it will be to implement and follow.
A corporation always needs to have the consent of its customers (or employees) before using their personal data. The consent must be explicit and explicitly given.
Keep in mind that the consent a customer gives to collect his/her information is limited in scope and can only be used for a specific purpose. Personal data given by someone to participate in a contest cannot be used later to invite that person to a seminar.
Personal data disclosed by someone who doesn’t belong to the company cannot be shared without that person’s consent. The company receiving the data has the right of use but not the right of property. The person/customer disclosing the information, on the other hand, holds absolute rights.
For more information on this topic, please refer to the following articles:
❮ ❯