Online privacy policies have come a long way as technology and buying habits have evolved, especially since social networking sites, search engines and businesses have come under fire for sharing user information without sufficient disclosure.

Since no business is too small to merit an online privacy policy, Better Business Bureau (BBB) advises every business with an online presence — and that goes for social media accounts, too — to have a privacy policy. BBB requires any business that applies for accreditation to post a privacy policy.

When drafting your web site’s policy, consider using simple language to answer the following questions.

What information do you collect? Outline the types of personal data you collect from customers. This includes home address, e-mail, phone numbers and credit card numbers.

How do you collect the information? Web sites collect information from customers in many different ways. Even if you don’t actually sell goods through your site, you might have an e-mail sign-up for a newsletter or application, or install cookies on the visitor’s computer to track activity. Disclose how data is being collected.

How do you use the information? Include background on how you share customer information with third parties, such as to process orders. If you sell customer information to marketers, explain what information is sold and how it could be used.

What control does the customer have over his or her personal information? Customers need a way to contact your business and control their personal data, whether it’s changing a password on their account or taking their name off of a mailing list. Plan to include a direct phone number or e-mail address that customers can use to manage their information with you.

How do you protect the information? Explain how you protect customer data, including, but not limited to, web site encryption, limiting employee access to sensitive customer data and server accuracy.

There is no “one-size fits all” privacy policy. Your business is unique and your privacy policy should be, too. BBB has sample statements online to help you get started, but you should seek legal guidance before you finalize your policy. You are legally liable if you fail to abide by your privacy policy statement or if the statement does not comply with applicable laws.

As your business changes, so should your privacy policy. Plan to review and revise you policy as your web activities evolve, and alert your customers when you make revisions affecting their personal data.

Angie Barnett is president and CEO of the Better Business Bureau of Greater Maryland. She can be reached at 410-347-3990 and [email protected].