- Clear and easily accessible statements of its practices and policies
- The type of personal or sensitive personal information that is collected eg. name, email, mobile number, IP address, payment and
- billing information, demographic information, etc.
- How the information is collected eg. directly when the visitor fills in details or posts any comment, or Passively by use of tools like
- Google Analytics, Google Webmaster, browser cookies and web beacons, etc.
- Purpose of collection and usage of the personal information
- Whether it is shared with third-parties and the manner and purpose for sharing the information. Prior consent of the provider of such information must be obtained.
- The reasonable security practices and procedures it uses to protect the data.
The Law also provides that all grievances of the provider of information must be addressed in a timely manner. The website is legally required to designate some person as the Grievance Officer. Name and contact details of such officer must be mentioned on the website. The said officer is bound to address the grievance within a period of 1 month from the date of receipt of the grievance.