ARTICLE
12 August 2022

The Rise Of Privacy Centers

AC
Ankura Consulting Group LLC

Contributor

Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. Ankura consists of more than 1,800 professionals and has served 3,000+ clients across 55 countries. Collaborative lateral thinking, hard-earned experience, and multidisciplinary capabilities drive results and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Value. For more information, please visit, ankura.com.
As data privacy regulatory obligations continue to expand, more and more organizations are integrating privacy centers within their public-facing websites.
United States Privacy
To print this article, all you need is to be registered or login on Mondaq.com.

As data privacy regulatory obligations continue to expand, more and more organizations are integrating privacy centers within their public-facing websites. Privacy Centers are portals embedded within the organizations' websites where consumers can find everything they need to know about an organization's Privacy Policies in one convenient location. 

A typical Privacy Center contains:

  • Privacy Policy/Notice
  • Cookie Policy
  • Terms & Conditions
  • FAQs
  • Marketing or Communication Preferences
  • Privacy Rights Request Choices
  • Support and Contact Information for the organization's privacy team

Privacy Centers offer a chance for organizations to demonstrate their commitment to privacy and gain brand loyalty. It allows organizations to convey their privacy vision in a much more clear and straightforward way. Privacy Centers can include short-form privacy notices in addition to more detailed privacy notices required by individual State and/or International requirements such as the EU's General Data Protection Regulation.

If the proposed Federal Privacy Law titled the American Data Privacy and Protection Act (ADPPA) passes, in addition to the more detailed privacy notices, organizations defined as "large data holders" must also provide a short-form privacy notice that is no more than 500 words in length.1 We sampled a few California consumer privacy notices of organizations that are likely considered "large data holders" and most were over 3,500 words in length. Using a Privacy Center is a way for organizations to include a short-form notice and layer the more detailed notice underneath for consumers who want that additional granularity.

Even if the ADDPA does not pass, we believe there is a high likelihood that the next round of State privacy laws will include some of the proposed requirements that were in the ADPPA. As a result, we expect a short-form version of a privacy notice likely to be required in the future. 

Organizations that include technology platforms as part of their core offerings will also likely include privacy notices for the website and separate privacy notices for each platform given the data collection and uses practices varies across each and a Privacy Center is a great place to house these additional notices. 

Emerging privacy technology allows organization to structure these Privacy Centers in a manner to promote integration with privacy compliance and other marketing functions such as email frequency and/or opt-outs, text marketing preferences, postal mail preferences, and phone call preferences. 

Below are some good examples of Privacy Centers:

https://www.marriott.com/about/privacy.mi

https://www.facebook.com/privacy/center

https://www.spotify.com/us/privacy

https://contentsquare.com/privacy-center/

https://www.johnsoncontrols.com/privacy-center

https://www.homedepot.com/privacy/overview

Privacy Centers are not currently mandatory but in our experience continue to grow in popularity as organizations balance clear and concise messaging to their customers with the detailed and complex regulatory requirements of an online privacy policy. The introduction of Privacy Centers represents a good practice for large brands to adopt as they promote organization, ease of use and transparency. 

Footnotes

1 https://docs.house.gov/meetings/IF/IF00/20220720/115041/BILLS-117-8152-P000034-Amdt-1.pdf

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.

ARTICLE
12 August 2022

The Rise Of Privacy Centers

United States Privacy

Contributor

Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. Ankura consists of more than 1,800 professionals and has served 3,000+ clients across 55 countries. Collaborative lateral thinking, hard-earned experience, and multidisciplinary capabilities drive results and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Value. For more information, please visit, ankura.com.
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More