- What personal information you are collecting on the site.
- Whether and how a customer can remove personal information.
- How the customer can view what information you have collected on them.
- How the information is stored, what security you are using.
- What redress the customer has if you don’t follow your privacy policy.
Privacy Alert! Don’t Collect the Customer’s Credit Card Info!
Probably the most critical issue is to state what information you are collecting on the site. I always advise my clients not to collect payment information on their website. Even with an SSL certificate you run the risk of being hacked and all of that information being stolen. You’ve heard about the thefts from Sony, Target and other large retailers? They spend millions on their security and they still get their customer information stolen. Be smart and don’t expose yourself to that risk – let your merchant gateway handle the collection of the customer’s credit card information.
Give the Customer a Choice of Privacy Options!
Most ecommerce solutions will allow customers to either create an account or complete their purchase as a guest. If they complete their purchase as a guest, their name, address, email, etc., are not collected. I was actually surprised at what a big issue this is for people, as I’ve never personally had a problem with creating an account when I buy online. Since talking to some clients, however, I’ve found that about half their sales come from people who don’t make an account.
Let the Customer Make Changes
If the customer does make an account, they should be able to log in and change or delete their personal information.
Terms and Conditions
Terms and conditions cover all sorts of things, from the boring legal stuff to what the customer should do if they receive a defective product. This is a document which will vary widely from website to website, so be sure to take the time to really think it over. Some good sources for starter templates are:
Some things to think about for inclusion in your Terms and Conditions document include the following, all of which were in response to events experienced by my clients:
- What happens/who is at fault if a shipment never arrives or is stolen? You may want to explicitly state something to the effect that delivery by you occurs when the package is handed to the shipper.
- How is an order handled if payment is cancelled, but the order has already shipped?
- What kind of defects or problems are reason for a refund?
- Can the customer return an item if it was opened or worn?
- Who pays the return postage?
These are Legal Documents!