How to name: privacy policy and privacy policy
The English version of the privacy policy is incorrectly translated as a “privacy policy”. What is the mistake here?
“Privacy Policy” is a translation tradition that you can even find on Russian-language versions of platforms such as Google and Apple. However, confidentiality is one of the principles of information security. According to this principle, your information is protected from unauthorized access.
Confidentiality is not equal to privacy. In particular, it does not oblige you to process personal data only for the purposes you have stated. It does not oblige you to limit the retention of data and imagine who you are, what is the name of your company. Confidentiality means that you have encrypted the data, closed access to it and, for example, you have an antivirus and a firewall installed.
Privacy is about control. Users share with you (organizations, websites, services) their data, but retain their control over them.
In the context of personal data, confidentiality is an integral element of privacy (see diagram below).
The use of the title “privacy policy” for privacy policy often creates many misunderstandings. If you are a technician who knows the true meaning of the word “confidentiality”, then when opening such a document, you expect to see in it information about the encryption algorithm, the version of the antivirus, and access restrictions. You will be clearly surprised to find instead the rights of subjects, the storage periods, the goals of data processing.
Thus, the correct name for such a document is “privacy policy”. You can also use the "personal data protection policy", "personal data processing policy". The main rule: the name should reflect what is contained in the document.
“Privacy Policy” is a translation tradition that you can even find on Russian-language versions of platforms such as Google and Apple. However, confidentiality is one of the principles of information security. According to this principle, your information is protected from unauthorized access.
Confidentiality is not equal to privacy. In particular, it does not oblige you to process personal data only for the purposes you have stated. It does not oblige you to limit the retention of data and imagine who you are, what is the name of your company. Confidentiality means that you have encrypted the data, closed access to it and, for example, you have an antivirus and a firewall installed.
Privacy is about control. Users share with you (organizations, websites, services) their data, but retain their control over them.
In the context of personal data, confidentiality is an integral element of privacy (see diagram below).
The use of the title “privacy policy” for privacy policy often creates many misunderstandings. If you are a technician who knows the true meaning of the word “confidentiality”, then when opening such a document, you expect to see in it information about the encryption algorithm, the version of the antivirus, and access restrictions. You will be clearly surprised to find instead the rights of subjects, the storage periods, the goals of data processing.
Thus, the correct name for such a document is “privacy policy”. You can also use the "personal data protection policy", "personal data processing policy". The main rule: the name should reflect what is contained in the document.
Source: https://habr.com/ru/post/439938/