- First and last names of website visitors
- Email addresses from website visitors
- Shipping or billing addresses from website visitors
- Phone numbers of website visitors
- Social media information of website visitors
- Any other information from website visitors
- Information about the website owner.
- Information about whether data is disclosed to third parties.
- Information about the data being collected, how the data is collected, and why it is being collected.
Financial institutions and companies that engage in financial activities are legally required to provide privacy policies to their customers and are required to let customers know about how they share information and give customers an option to opt out if they don’t want their information shared. “Financial activities” is defined rather broadly by the FTC. It includes traditional banks, lenders, sellers of money orders, companies providing financial planning for clients, any company involved in brokering, servicing, or collecting loans, a company providing real estate settlement services, and career counseling for those going into financial activities. Financial institutions have a special obligation regarding the privacy of their consumers because they may handle sensitive information from customers, including Social Security numbers, or manage data related to a customer’s credit report. When companies handle such sensitive data, they have special obligations and must meet more stringent legal requirements regarding data safety and collection. Similarly, a company that provides health services may be required to meet more stringent data collection, data protection, and privacy laws, including HIPAA.