Click here to bookmark Clausehound and search for clause/contract language

Choose from our expert-compiled document frameworks and customize from a vast library of clauses.

Overview of Privacy Policy

Overview of Privacy Policy

 

What is this document?

A Privacy Policy governs the collection and use of personal information by a corporation.

 

When would I use this document?

A Privacy Policy is used whenever a company collects personal information from individuals. Privacy policies are commonly found on websites.

 

Who signs this agreement?

A Privacy Policy is legally binding between the company who created the Privacy Policy and the persons who provide personal information to the company.

 

More details about this document:

A Privacy Policy is not a negotiated agreement. It which contains the obligations of the company requesting access to personal information and the obligations of the individual providing personal information.

Privacy Policies are basic agreements that can vary in size depending on the jurisdiction they are drafted for. For example, a company collecting personal information from individuals located in the EU will have to comply with more privacy legislation than a company collecting personal information from individuals solely located in Canada.

A Privacy Policy related to the collection of personal information in Canada will include guidelines in accordance with Schedule 1 of Canada’s Freedom of Information and Protection of Privacy Act.

 

What are the core elements of this document?

The core elements of a Privacy Policy include: Collection of Personal Information; Use of Personal Information; Disclosure of Personal Information; Third Parties; Disclaimer and Handling of Personal Information.

Depending on the purpose for collecting personal information, additional clauses can include: Notice; Traffic Data, Cookies, and Notifications.

 

Related Documents

Workplace Harassment Policy – this policy deals with harassment in the workplace

Romantic Relations in the Workplace Policy – this policy deals with romantic relations in the workplace

Drug and Alcohol Policy – this policy deals with drug and alcohol use in the workplace and the procedures to follow if unauthorized use is suspected

End User License Agreement (EULA) – an agreement used to govern the relationship with the end user of a service or product often included on websites

Software Development Agreement – an agreement between the developer of software and the customer who hires the developer to create the software

Merchant Terms of Use – a specialized terms of use between a merchant and a website/app used when the merchant uses the website/app to facilitate transactions with its customers

Read more...

Integrating your privacy policy

When creating a privacy policy, ensure that all information is in one format and that the document is clear, accurate, and readily available.

A complaint was filed against Bell Sympatico (Bell) about their uses of Deep Packet Inspections (DPI). The complainant alleged that the DPI technology collects personal information from Bell’s customers without their consent during internet transmissions. Bell said that they used DPI for traffic-management purposes.

That is, DPI was used to track congestion problems on the internet which slowed down internet services. DPI was able to track: applications most used, usage patterns based on IP addresses, application usage patterns, malicious traffic, etc.

The complainant argued that there was not sufficient clarity and concision about Bell’s monitoring policies. For example, a link in Bell’s Terms and Services document to their Privacy Policy was dysfunctional. The information regarding traffic management practices was in three different areas on Bell’s website, none of which were under its Privacy link. It was held that Bell’s information regarding the collection of personal information was not readily available. It needed to be more understandable and integrated. It was recommended that Bell integrates all their policies and practices about traffic management into one format.

Also, it was recommended that they and add another Policy FAQ on their website explaining the traffic management practices and the impact these practices have on customer’s privacy. Source: PIPEDA Case Summary #2009-010 Report of Findings Assistant Commissioner recommends Bell Canada inform customers about Deep Packet Inspection.

It was recommended that Bell integrates all their policies and practices about traffic management into one format. Also, it was recommended that they and add another Policy FAQ on their website explaining the traffic management practices and the impact these practices have on customer’s privacy. Source: PIPEDA Case Summary #2009-010 Report of Findings Assistant Commissioner recommends Bell Canada inform customers about Deep Packet Inspection.

 

–  –  –

This article is provided for informational purposes only and does not create a lawyer-client relationship with the reader. It is not legal advice and should not be regarded as such. Any reliance on the information is solely at the reader’s own risk. Clausehound.com is a legal tool geared towards entrepreneurs, early-stage businesses and small businesses alike to help draft legal documents to make businesses more productive. Clausehound offers a $10 per month DIY Legal Library which hosts tens of thousands of legal clauses, contracts, articles, lawyer commentaries and instructional videos. Find Clausehound.com where you see this logo.

What you don't know can hurt you! Subscribe to stay informed.

Sign up now and receive an email when we publish new content.

We will never give away, trade or sell your email address. You can unsubscribe at any time.

Read more...

Modern privacy concerns

Privacy policies of popular websites have most captivated the media and the public’s attention.

Google’s privacy policy has caused the most controversy given its internet prowess and suspicious practices and processing of personal data. The general trend is that Europe is more sensitive to breaches of online privacy, but the United States is able to levy larger penalties. For example, Google agreed to pay 17 million dollars to the US government for its controversial use of HTTP Form POST functionality that uses JavaScript to submit a form without affirmative user action for the purpose of overriding a Browser’s Cookie-blocking setting.

This places an HTTP Cookie on the Browser without the user’s consent. Other practices include how Google uses the same privacy policy for all its services without the users’ consent. There is a general concern over the lack of transparency in the handling of large quantities of personal data. Both the United States and Europe believe that privacy of its citizens is moral right that should be protected. The United States conferred the Attorney General with powers to enforce the terms of Compliance Agreement between Google and the 50 states following the HTTP dispute. In Germany, Google was fined 145,000 euros for collection of data from home WiFi Networks by GoogleStreet View cars. Critics have noted that neither fines are able to effectively deter improper behavior given Google’s wealth.

In the UK, the ICO is investigating whether Google’s privacy policy complies with its data protection act. Other technology companies such as Microsoft, Facebook, and Instagram that handle a great deal of personal data are under similar scrutiny. Recently, Instagram started to host ads on its website, and it changed its privacy policy and terms allowing advertisers to use photos and data of users without any compensation.

However, after user backlash over the change, the founder made statements that it is not their intention to sell users’ photographs or to use photos in advertisements, but the change still bodes uncertainty. Recent report from Deloitte finds that only about 26% of users read privacy policies, which are often so long that it would take about 250 hours every year for the average person to read all the privacy policies of all websites they visit’s equivalent to 781 billion cost in internet users’ time. Along those lines, about 22 percent of consumers are confident that companies do not sell their personal details without their knowledge, and only 24 percent are confident that companies inform them of how the data is being used.

 

–  –  –

This article is provided for informational purposes only and does not create a lawyer-client relationship with the reader. It is not legal advice and should not be regarded as such. Any reliance on the information is solely at the reader’s own risk. Clausehound.com is a legal tool geared towards entrepreneurs, early-stage businesses and small businesses alike to help draft legal documents to make businesses more productive. Clausehound offers a $10 per month DIY Legal Library which hosts tens of thousands of legal clauses, contracts, articles, lawyer commentaries and instructional videos. Find Clausehound.com where you see this logo.

What you don't know can hurt you! Subscribe to stay informed.

Sign up now and receive an email when we publish new content.

We will never give away, trade or sell your email address. You can unsubscribe at any time.

Read more...

Legal Tips and Tricks: Prepping Your Contracts for Acquisition

A critical part of a company acquisition is ensuring that the transaction is not missing any of the consents required of the contractual counterparties.   Deficiencies in some or all of these points can lead to the loss of key assets or to an uncomfortable transition for all concerned.

All counterparties should make sure they consider the four scenarios that are set out below.

1.       Employment:  earn out/”golden handshake”

Acquirers should consider the effect of a change of control transaction on employment agreements.  Upper management will sometimes build in a “golden handshake” or “golden parachute” clause into their employment contract that requires that, if the contract is terminated shortly after a change of control, salary and benefits will continue for an additional 1 or 2 years.   Contracts containing this clause should be considered by the acquirer as it could affect the acquisition value of a transaction.

2.        Employee stock options:  accelerated vesting/terminated vesting

Employees whose shares are vesting should read the terms of their option agreement carefully to determine the effect of a change of control transaction.  The shares could accelerate into immediate vesting in a generous agreement.  Some option agreements will provide for immediate vesting should the employee be terminated within a few months of a change of control, to provide the option-holder with some comfort that their position will not be made redundant and to keep the share capitalization clean.  Conversely, in other cases, where such protections do not exist, the existence of potential vesting can be a consideration on which employees are to be made “redundant” – if it means a cleaner acquisition with fewer shareholders or potential shareholders.  Employees who are vested should consider exercising options if they believe that the company is appreciating in value and if they are facing the possibility of losing their options upon termination of their employment agreement.

3.       Leases

Lessors of equipment or office space will almost always require that the vendor in an acquisition seek written consent from the lessor prior to assignment of the lease to the acquiring party.  Failure to receive consent can be dealt with by an automatic acceleration of the payments required (for example under office equipment).  An office lessor can “deem” that a change of control is to be treated as a request for sub-letter, which, in an especially onerous agreement, could give the lessor the right to repossess the unit for its own purposes.  A lessor should agree that a lease can be assigned with written consent, “such consent not to be unreasonably withheld”.

4.       Ownership/transfer of personal information

All counterparties should carefully review the company privacy policy to ensure that site visitor/subscriber/customer names and accounts are assignable to the acquiring entity, upon change of control.  A savvy company will ensure that this right of transfer has been included in the Privacy Policy, website terms of use or customer terms of service.  It is prudent to ask for all past and present versions of any existing privacy policy/user agreements, as the agreement that customers/users/subscribers are subject to is presumably the agreement that was current at the time of (in the case of a customer) initial sign-up.

 

–  –  –

This article is provided for informational purposes only and does not create a lawyer-client relationship with the reader. It is not legal advice and should not be regarded as such. Any reliance on the information is solely at the reader’s own risk. Clausehound.com is a legal tool geared towards entrepreneurs, early-stage businesses and small businesses alike to help draft legal documents to make businesses more productive. Clausehound offers a $10 per month DIY Legal Library which hosts tens of thousands of legal clauses, contracts, articles, lawyer commentaries and instructional videos. Find Clausehound.com where you see this logo.

What you don't know can hurt you! Subscribe to stay informed.

Sign up now and receive an email when we publish new content.

We will never give away, trade or sell your email address. You can unsubscribe at any time.


Read more...

Additional Rent Announcements API Approval of Terms Asset Purchase Agreement Background Intellectual Property Board of Directors Business Case Law CASL Clausehound Collaboration Commercial Lease Confidential Information Confidentiality Consulting Agreement Contract Drafting Contract Negotiations Corporation Costs and Expenses CPD Definition of Intellectual Property Dispute Resolution Distribution Agreement Employee Employment Employment Agreement ESOP Events Farming Law Generally Used Clauses Grant of Licence Handling of Confidential Information Indemnity Independent Contractor Independent Legal Advice Informal Discussions Intellectual Property Investor Journey Licence Restrictions Limitation of Liability Long Form Marriage Contract Master Services Agreement NDA Non-competition Not for Profit Articles of Incorporation Notice of Arbitration No Waiver Obligations Ownership of Intellectual Property Ownership of Work Product Parties Partnership Prenuptial Agreements Privacy Policy Product Sales Agreement Purpose Representations and Warranties Restrictive Covenants Safeguarding Requirements Settlement Agreement Shareholder Agreement Software Development Start-up Subscription Agreement Technology Termination Term Sheet Terms of Use Trademark Registration Transfer of Intellectual Property Waivers and Releases Website Terms of Use
Show All Tags