A01 chaf6542 06 se fm indd

Ask for consent for collecting sensitive personal data, and it is good practice to ask before 

collecting any type of data.

  4 

Reassure customers by providing clear and effective privacy statements and explaining 

the purpose of data collection.

  5 

Let individuals know when ‘cookies’ or other covert software is used to collect informa-

tion about them.

  6 

Never collect or retain personal data unless it is strictly necessary for the organisation’s 

purposes. If extra information is required for marketing purposes, this should be made 

clear and the provision of such information should be optional.

Amend incorrect data when informed and tell others. Enable correction on-site.

Only use data for marketing (by the company, or third parties) when a user has been 

informed that this is the case and has agreed to this. (This is opt-in.)

  9 

Provide the option for customers to stop receiving information. (This is  opt-  out.)

Use appropriate security technology to protect the customer information on your site.