The key purposes of a website privacy statement are: (i) to help website owners to comply with the disclosure requirements of data protection and data privacy laws; and (ii) to reassure users that their information is being lawfully and properly collected, stored and used. In addition, a privacy statement will usually communicate to users some of the legal rights that they can have in relation to their personal information.
The types of personal information collected, and the uses to which it is typically put, depend in part upon the type of website and business that is collecting the information. An ecommerce store, for example, will collect or generate customer name and address information, payment information and order information. The classes of personal information will be put to different uses. For example, address information will be used for delivering products, and may also be used in marketing; whereas payment information will be used to collect payments and for accounting purposes. Some kinds of website – notably social networking websites and websites with social networking features – may collect and process huge amounts of personal information.