“Masaar” noticed a number of issues in the privacy policies used by websites and applications in Egypt that affect users’ privacy and digital security. Some privacy policies are so vague that users cannot understand them. Some websites and applications also collect, store and analyze users’ data and share it with third parties without their prior consent.
Therefore, “Masaar” provides this guide to technologists, owners of websites and applications, and companies working in communications and information technology, with advice that helps them formulate the privacy policies of the digital platforms they manage. “Masaar” believes that writing and developing privacy policies for websites or applications is an ongoing process. The terms of the privacy policies adopted by these websites and applications must be reviewed periodically to keep pace with developments in the services or software, to respond to changes in the type of data collected by the website or application, and to adapt to changes in the infrastructure.
This guide aims to provide a number of tips that help make the privacy policies adopted by websites and applications clearer, more understandable and easier to apply. The guide also provides advice on how to maintain a balance between the users’ right to protect their privacy and control their data on the one hand, and the service provider’s (website or application) need to collect the information and data necessary to develop the services it provides, on the other.
First: General rules and practices
- There should be a channel through which users can contact the service provider with questions about privacy protection.
- The policy should explicitly state that users are entitled to protection from sexual exploitation, physical and psychological abuse and degrading treatment that could result from the collection and analysis of their data.
- The use of data collection software and tools should be limited to what is necessary, and their usage patterns should be monitored.
- We also recommend that the software used to manage and operate the website or application be subjected to an independent technical review of its security and protection, and that the results of this review be published to users.
Second: Data collection
1. Data provided voluntarily
2. Data collected by cookies
These are of two types. The first are session cookies, which remain only until users or service recipients leave the website or application. The second are persistent cookies, which remain on the devices of users or service recipients even after leaving the website or closing the application, and are only removed when they expire or the users or service recipients delete them manually.
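The distinction between the two cookie types is made by the `Set-Cookie` header, not by the cookie's contents: a cookie carrying no `Expires` or `Max-Age` attribute is a session cookie and is discarded when the browser closes, while one with either attribute persists on the device until that time passes or the user deletes it. The following is an added example, not code from the Masaar guide, that builds such headers with the protective attributes a site should set anyway (`Secure`, `HttpOnly`, `SameSite`) and classifies existing headers when auditing what a site actually sets. The cookie names and lifetimes are illustrative.

```javascript
// Added example (not from the Masaar guide): Set-Cookie headers that make the
// session/persistent distinction explicit, plus a classifier for auditing the
// headers a site already sends.

const DAY_SECONDS = 24 * 60 * 60;

// Build a Set-Cookie header value. Without maxAgeSeconds the cookie is a
// session cookie (no Expires/Max-Age); with it, a persistent cookie.
function buildSetCookie(name, value, { maxAgeSeconds = null, path = '/', sameSite = 'Lax' } = {}) {
  // Cookie names must be RFC 6265 tokens; reject anything that would break the header.
  if (!/^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/.test(name)) {
    throw new Error(`invalid cookie name: ${name}`);
  }
  if (!['Strict', 'Lax', 'None'].includes(sameSite)) {
    throw new Error(`invalid SameSite value: ${sameSite}`);
  }
  const parts = [
    `${name}=${encodeURIComponent(value)}`, // value encoded so ';' or ',' cannot inject attributes
    `Path=${path}`,
    'Secure',                                // only sent over HTTPS
    'HttpOnly',                              // not readable from page scripts
    `SameSite=${sameSite}`,
  ];
  if (maxAgeSeconds !== null) {
    if (!Number.isInteger(maxAgeSeconds) || maxAgeSeconds <= 0) {
      throw new Error('maxAgeSeconds must be a positive integer');
    }
    parts.push(`Max-Age=${maxAgeSeconds}`);  // presence of Max-Age makes it persistent
  }
  return parts.join('; ');
}

// Classify a Set-Cookie header value: 'session', 'persistent', or 'deletion'
// (a Max-Age of zero or less instructs the browser to remove the cookie).
function classifySetCookie(header) {
  const attrs = header.split(';').slice(1).map((a) => a.trim().toLowerCase());
  for (const attr of attrs) {
    if (attr.startsWith('max-age=')) {
      const seconds = Number(attr.slice('max-age='.length));
      return seconds > 0 ? 'persistent' : 'deletion';
    }
  }
  if (attrs.some((a) => a.startsWith('expires='))) return 'persistent';
  return 'session';
}

// Constructed sample headers, as a site might emit them.
const sessionCookie = buildSetCookie('sid', 'k7f3q9');                                // login session
const prefsCookie = buildSetCookie('prefs', 'lang=en', { maxAgeSeconds: 30 * DAY_SECONDS }); // 30-day preference

console.log(sessionCookie, '->', classifySetCookie(sessionCookie));
console.log(prefsCookie, '->', classifySetCookie(prefsCookie));
```

When reviewing a privacy policy against the site's behaviour, run `classifySetCookie` over the `Set-Cookie` headers captured from real responses; any cookie the policy describes as lasting "for the session" but which carries a `Max-Age` or `Expires` is a mismatch to fix.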
Third: The purposes of data collection and analysis
Fourth: Sharing data with third parties
The basic rule: Data sharing with third parties must be based on the prior consent of the users/service recipients, and this must include their consent to the type of data that is shared and the privacy protection measures that the third party is subject to.
- Data shared with third parties should be anonymized; it should not contain information that can reveal the identity of users/service recipients.
- In any event, data sharing with third parties must be governed by rules that give great weight to the privacy of users and service recipients, including but not limited to:
- Prior consent: The service provider is obligated not to share any user/service recipient data and information without their prior consent.
- Respect for privacy by third parties: The service providers are obligated not to share any of the information and data they collect with any third party if there is reason to suspect that the third party is misusing them or violating the privacy of users.
- Meeting legal obligations: The service provider is obliged not to disclose any data and information about the users/service recipients to any law enforcement agency except in the case of a prior judicial order.
- Technical reasons: Data and information may be shared with third parties in anonymized form in order to facilitate the operation of the website or application, improve its performance, address technical problems and make the necessary improvements to the servers.
- Digital security measures: Data and information may be shared with third parties with the aim of taking the necessary security measures to ensure that user/ service recipient data is kept secure or to ensure that payment systems are secure for processing financial payments by payment service providers.
Fifth: Securing data and information
- Make certain that data and information collected or stored by the website or application is securely processed and stored. Access to such data and information must be limited to the minimum number of individuals employed by the website or third parties, while ensuring that they are subject to confidentiality obligations.
Sixth: The user's control over their data
- The right to cancel the subscription: stipulating the right of users/ service recipients to request the cancellation of their subscriptions at any time; the website or application is obligated to cancel the subscription.
- Erasing data: Users/service recipients have the right to request erasing their data and personal information at any time. The website or application is obligated to implement this and inform the users/service recipients of the time required for the erasure and clarify its procedures.
- Obtaining a copy of the information and data: Users/service recipients have the right to request a copy of all their data and information at any time and without giving any reasons.
- Backup copies: Service providers must work to find technical solutions to erase data and information from backup copies, so that they are erased upon request by users/service recipients.
- Availability of previous policies: The service provider is obligated to make available the previous policies and the changes that are made to them on an ongoing basis.
Eighth: Loss of the right to use or retain data and information
Service providers must respect the right of users/service recipients to revoke the right of the website or application to use, process and/or retain the data and information collected in the following cases:
- The user’s request to unsubscribe.
- The user’s request to erase their data and information.
- Suspension of the service for which the data and information were collected.
- The purpose for which the data were collected has ended.
Ninth: Reporting data leaks and security problems
The service providers are obligated to inform the users/recipients of the service about any leakage of data and information that is collected and stored, or any of the security problems that may affect their privacy. This is done as soon as the service providers become aware of the leakage. The service provider is also obligated to inform the users/service recipients of the possible damage to their privacy due to the discovered data leaks and security issues.
Tenth: Recommendations on the use of web analytics software
In general, it is recommended to limit the use of Google Analytics, Google Tag Manager, Mixpanel or any other software or service that can affect the privacy of users and service recipients. The open source Matomo software, which provides privacy protection options, is a reliable alternative.
Recommendations on Google Analytics or Mixpanel
The following is recommended if using Google Analytics, Mixpanel, or similar software:
- Do not integrate CRM data with Google Analytics for any marketing or advertising purpose.
- Do not use the User-ID feature in Google Analytics.
- Disable the data-sharing settings that pass the data collected by Google Analytics to other Google services: Google products and services, Benchmarking, Technical support and Account specialists.
- Conclude (accept) the Data Processing Amendment in Google Analytics, which governs how Google processes the collected data.
- Disable the advertising data collection (Advertising Features) in Google Analytics.
- Enable users to delete the data Google Analytics has collected about them, using the User Deletion API that Google provides.
- Enable IP anonymization (IP masking) in Google Analytics so that full IP addresses are not stored or analyzed.
- Ensuring that the Geolocation information sent to Google Analytics is not GPS specific or highly detailed.
- Replace personally identifiable information (for example an e-mail address or username) in URLs, including links the website sends to users by e-mail, with an opaque site-specific identifier, since analytics tools record the full URL of every page view.
- Send forms with HTTP POST instead of GET, so that form contents are not carried in the URL (query string) and therefore not recorded by analytics tools or server logs.
- Respect the “Do Not Track” signal in every service used to analyze and track usage patterns, especially Google Analytics and Google Tag Manager (these do not honour the signal on their own; the website must check it before loading them), and offer users an opt-out option.
- Activate an opt-out mechanism so that users can prevent the tracking of their activity while using the website.
- Configure opt-in tracking (“Opt-In Event”) in Mixpanel so that none of the personal data of website or application users is collected, including but not limited to Device ID, User ID and City.
- Enabling website or application users to delete their data collected by Mixpanel by using the “Submit Requests via API” feature provided by Mixpanel.
- Taking all possible measures provided by Mixpanel regarding anonymization of the data collected by the website by applying “Tracking Truly Anonymous Data” measures.
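The Google Analytics and Mixpanel recommendations above are individually small settings, but they only protect users if they are applied together and before any tracker script loads. The following is an added example, not code from the Masaar guide, Google or Mixpanel, of one client-side loader that does this: it checks Do Not Track and a stored opt-out before loading anything, sets Google's documented `ga-disable-<ID>` switch, scrubs personal data from the URL reported as `page_location`, passes the privacy-relevant `gtag` settings (no Google Signals, no ad personalization, IP masking) and the equivalent Mixpanel SDK options (`ip: false`, opt-out by default, blacklisted default properties). The measurement ID, Mixpanel token, localStorage key and the list of parameter names treated as personal data are assumptions for the example; the URL-scrubbing function can be tested outside a browser.

```javascript
// Added example (not from the Masaar guide, Google or Mixpanel): a privacy-
// respecting analytics loader. Placeholders below are not real identifiers.
const GA_MEASUREMENT_ID = 'G-XXXXXXXXXX';    // placeholder property ID (assumption)
const MIXPANEL_TOKEN = 'YOUR_PROJECT_TOKEN'; // placeholder token (assumption)
const OPT_OUT_KEY = 'analytics_opt_out';     // our own localStorage key (assumption)

// Query parameter names that commonly carry personal data (illustrative list).
const PII_PARAMS = new Set(['email', 'e-mail', 'username', 'user', 'name', 'phone', 'token']);
const EMAIL_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/;

// Tracking may run only if neither Do Not Track nor a recorded opt-out is set.
function trackingAllowed(nav, storage) {
  const dnt = nav.doNotTrack || nav.msDoNotTrack;
  if (dnt === '1' || dnt === 'yes') return false;
  return storage.getItem(OPT_OUT_KEY) !== '1';
}

// Strip personal data from a URL before it is reported to any tracker:
// redact known parameters and anything that looks like an e-mail address in a
// parameter value or in the path, and drop the fragment (it may hold tokens).
function scrubUrl(rawUrl) {
  const url = new URL(rawUrl);
  for (const [key, value] of [...url.searchParams.entries()]) {
    if (PII_PARAMS.has(key.toLowerCase()) || EMAIL_RE.test(value)) {
      url.searchParams.set(key, 'REDACTED');
    }
  }
  let path = url.pathname;
  try { path = decodeURIComponent(path); } catch (e) { /* keep encoded form */ }
  url.pathname = path.replace(new RegExp(EMAIL_RE.source, 'g'), 'REDACTED');
  url.hash = '';
  return url.toString();
}

// gtag.js 'config' parameters implementing the recommendations above.
function gaConfig(pageUrl) {
  return {
    anonymize_ip: true,                   // IP masking (explicit for Universal Analytics)
    allow_google_signals: false,          // disables Advertising Features data collection
    allow_ad_personalization_signals: false,
    page_location: scrubUrl(pageUrl),     // report the scrubbed URL, not the raw one
    send_page_view: true,
  };
}

// Mixpanel JS SDK init options: no IP-based geolocation (so no City), nothing
// sent until the user opts in, and identifying default properties never sent.
function mixpanelConfig() {
  return {
    ip: false,
    opt_out_tracking_by_default: true,
    property_blacklist: ['$device_id', '$current_url', '$initial_referrer', '$initial_referring_domain'],
    secure_cookie: true,
  };
}

// Entry point for the page. Returns true only if trackers were actually loaded.
function initAnalytics() {
  if (typeof window === 'undefined') return false;   // not running in a browser
  const allowed = trackingAllowed(window.navigator, window.localStorage);
  // Google's documented opt-out switch; must be set before gtag.js loads.
  window['ga-disable-' + GA_MEASUREMENT_ID] = !allowed;
  if (!allowed) return false;
  window.dataLayer = window.dataLayer || [];
  window.gtag = function () { window.dataLayer.push(arguments); };
  window.gtag('js', new Date());
  window.gtag('config', GA_MEASUREMENT_ID, gaConfig(window.location.href));
  const s = document.createElement('script');         // load gtag.js only now
  s.async = true;
  s.src = 'https://www.googletagmanager.com/gtag/js?id=' + encodeURIComponent(GA_MEASUREMENT_ID);
  document.head.appendChild(s);
  if (window.mixpanel) window.mixpanel.init(MIXPANEL_TOKEN, mixpanelConfig());
  return true;
}

// Wire this to the site's opt-out control: stops tracking immediately and persists the choice.
function optOut() {
  if (typeof window === 'undefined') return;
  window.localStorage.setItem(OPT_OUT_KEY, '1');
  window['ga-disable-' + GA_MEASUREMENT_ID] = true;
  if (window.mixpanel && window.mixpanel.opt_out_tracking) window.mixpanel.opt_out_tracking();
}

console.log(scrubUrl('https://shop.example/account?email=alice%40example.com&item=42#tok=abc'));
```

Note what the loader does not solve: data already inside the URL reaches the web server's access log regardless of what is reported to analytics, which is why the guide also asks for POST instead of GET for forms and for opaque identifiers in e-mailed links.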