Privacy policy
Clearly explain what personal information is collected and how it is used.
Provide options for users to control the collection and use of their personal information.
Ensure that the collection and use of personal information is in compliance with relevant laws and regulations.
Implement reasonable security measures to protect personal information from unauthorized access, use, or disclosure.
Provide clear and conspicuous notice of any changes to the privacy policy.
Provide users with a means to access and update their personal information.
Have a complaint handling process to deal with any concerns or issues that may arise in relation to personal information.
Have a data retention policy which describes how long personal data is stored and when it is deleted.
Provide clear notice about use of cookies and similar technologies, and user's options to control them.
Have a process in place for data breaches and notify users in case of any breach.