Recently I came across a privacy policy of a company located in California (I anonimyzed it, this is not about the company). It was quite a lengthy privacy policy, well-worded, and it covered all the main area's. But it started with this paragraph."Your California Privacy Rights
California has passed legislation requiring certain specific disclosures be made available to California residents who use the Internet and provide information that may be used for marketing purposes. That legislation requires any business that discloses a customer’s personal information (as defined by the act) to any third party for direct marketing purposes to provide the customer a method for obtaining the names, addresses and certain other specified details of anyone who might have received that personal information.
If you are a California resident you may request this information from (Company) or any of its affiliates by writing to (Company address) or by sending an e-mail to (Company e-mail addres). (Company) is not obligated to respond to more than one such request from you per calendar year."
Interesting...
Basically what this says is:
- We're doing this because of the law, not because we care about your privacy
- If you are a customer but not a Californian resident, who happens to care about his/her privacy, and want to get the information: tough luck!
- Don't bother us more than once a year please...
Now, it may very well be that the law requires this acknowledgement of Californian residents. But why not turn this to your advantage, and make a notice that this service is available to all your customer? Especially if you're already required to have processes in place for one group of customers!Note: The privacy policy law of California doesn't only govern Californian companies; all companies that conduct business with Californian citizens can be held accountable.
The Secret of our online success!