Is the way I’m collecting, using, and disclosing data clear to my members? Ideally, data practices should be designed to be obvious. If practices can’t be made obvious, tell your members about them through user experience, privacy notices and support documents

A. In-Context Notices

The best place to notify your membership about your data practices is at the point of data collection, say, at the beginning of a survey or a petition. This is the best experience for your membership because they can make a timely and informed decision based on the context of the situation. This is much more engaging than relying on just your privacy policy.

You should also be clear about who is receiving the data. For example, this might be very obvious if you send out a survey through a common survey platform. But if you’re using a backend messaging platform to manage member communications on your website and there’s no mention of that platform on your website, well, your members might find it surprising that a third-party platform had access to their communications.

Consider letting your members know through:

  • Email footer
  • Sign up (email, petition, event, etc)

B. Control

Can you give your members the opportunity to opt-out of data collection they don’t want? This may not be possible in many situations, but offering your members the opportunity to control their personal information could increase the trust they have in your processes.

C. Privacy Policy

A privacy policy is one of many ways to let your membership base know what data you collect from them and how you handle that data. It should also be linked to your website and other locations where it would be helpful for your members (like at the bottom of your emails).

There is no “correct” format for a privacy policy. It should be descriptive and easy to understand. It should also disclose to your members if other companies have access to their data.

D. Transparency Report

A transparency report is another way to let your membership know your policy around handling government requests for member information. An organization that receives these types of requests may choose to provide insight into how many requests, what type of information was shared, what agencies these requests came from, etc. And even if your organization doesn’t receive requests, it can be helpful to your membership to know how you would handle this situation prospectively.

There is no “correct” format for a transparency report. It should be descriptive and easy to understand. It should also be linked to your website and other locations where it would be helpful for your members.


Example: CREDO Mobile’s Transparency Report

As a mobile virtual network operator dedicated to defending civil liberties, CREDO publishes a quarterly transparency report to disclose a number of different factors to their subscribers, including:

  • Number of government requests for customer information
  • Political offices and parties they endorse
  • Grant Recipients

    Take a look at CREDO Mobile’s transparency report here. If you are often requested information by the government and don’t have a transparency report, why not publish your own?