It’s a cliché that customers must TRUST your business before disclosing personal or financial information. Prominent placement of a well-crafted privacy policy is a necessary part of building that trust, yet even major players often neglect to add privacy policy links to applications and forms.
 

Now more than ever, it’s imperative to establish customer loyalty, trust, and confidence to stay competitive. Many customers are still reluctant to bank online due to concerns about how their personal information, demographic identities, and email addresses will be used.

One step in building trust and credibility online is posting a well-crafted privacy policy. Not only is it the right thing to do, it’s a regulatory mandate from the Gramm-Leach-Bailey Financial Services Modernization Act (GLB). You should provide links to your privacy policy from every page, especially anywhere that you ask for personal information.

We recently evaluated privacy statements at dozens of leading financial institutions and found good compliance with the letter and spirit of GLB (see Table 1). However, even with privacy policy links “bolted on” to various areas of banking Websites, we discovered links were often missing where they are most needed ¾ at the moment the user is asked for personal information in an application or secure login page.

Bank of America does not mention its privacy policy on its checking account application.

To help boost the payback from your privacy initiatives, we developed ten recommendations to improve its effectiveness.

Privacy Area Recommendations

•          Call it something besides policy; for example, Privacy Pledge at US Bancorp, Privacy Principles at ING Direct.
•          Link to the privacy area from every page
•          Use consistent page placement
•          Include third-party seals and validations
•          Place a prominent link to your privacy area at the beginning of all applications/forms.
•          Project your care about customer privacy in appropriate product and marketing areas.
•          Craft privacy statements in clear language with good graphic design using subheads, proper white space, and so on.
•          Include a special email and/or telephone contact for questions on privacy/security.
•          Include links to email and marketing preference forms.
•          Include links to related topics such as security, fraud prevention, and your marketing preferences page.

Source: WebCheck, 3/03

Chris Young is Founder and Senior Analyst of WebCheck Analysis, a company specializing in Website usability and design effectiveness,
(206) 517-5021, chris@webcheckanalysis.com , <www.webcheckanalysis.com>.

Table 1

Security & Privacy Areas of the Top 40 Online Financial Institutions (North America)

Source: Online Banking Report, 4/03       a = active users only     e= OBR estimate, +/- 33%    See OBR Website for complete details on each bank’s program
Notes: (1) Online banking registered users as of Nov. ’02; (2) Are there any third party security icons on the home page? (3) Are any security/privacy guarantees listed? (4) Are there links from the home page to security/privacy? (5) Is a security/privacy contact listed? (6) Can you find the security area via site search of “security”? (7) Can you find the security/privacy area on the site map? (8) Subjective grade from OBR editors