Data Privacy Policy


Data privacy policies are important legal documents that help the user in identifying the various ways that websites might use to collect data from their personal information. On the other hand data incident response policy comprises of procedures and plans for information security. Again there exists a critical component considered when creating data incident privacy policy. The increased cyber-crime incidents have led to the creation of policies and laws by various institutions to prevent the destructive effects of the breach (Bennett, 2018). The policy also specifies steps taken to people responsible for the breach. E-commerce websites use data privacy policies with their users to protect their data and information.

Key aspects of a data privacy policy

E-commerce refers to the buying and selling of items through the various online platforms. These platforms need to be regulated and hence the creation of a data privacy policy that informs the user on how their information is collected and used. One of the aspects that a data privacy policy for a possible e-commerce web site should have is that of password management (Martin, & Murphy, 2017). These sites should have a policy that allows users to be their account managers where their login passwords remains a secret. They should also have a recovery process for the passwords in case the user forgets it.

A second aspect of that a data privacy policy for a hypothetical e-commerce web site should have is that of security incident reporting. In case the user of the e-commerce website notices some irregular activities with their account, the company’s data privacy policies should be able to direct them on how to report the incident. From there Incident response teams should carry out baseline services and any additional activity that adds value to incident response. The teams’ functions can be categorized into proactive, reactive and information security improvement. Another key aspect of the e-commerce website data privacy is that of the internet and email privacy. The policies should inform the user on how secure their email is before they ask them to use it. This is because many of these websites use the user’s email as their logins and from where they gain access to information to the email accounts of the users (Bennett, 2018). On the other hand, the internet usage policies should be provided for the user. This is because many of the users use data packages which might be depleted with the access of the hypothetical e-commerce websites.


The world today is becoming technological whereby many purchases of goods and services are being made from the comfort of a person’s home. Due to this, the platforms of purchase should have policies of data privacy that show their users the different ways that their information is collected and used. To the contrary, modern e-commerce companies are adopting advanced technologies like cloud service providers that help in managing data privacy and user-related information. Additionally, in protecting student privacy rights in higher education, it will not only require you to understand the federal laws, but you will also need to know the relevant state privacy laws.




Bennett, C. J. (2018). Regulating privacy: Data protection and public policy in Europe and the    United States. Cornell University Press.

Martin, K. D., & Murphy, P. E. (2017). The role of data privacy in marketing. Journal of the        Academy of Marketing Science45(2), 135-155.