Internal Privacy Policies
External Privacy Policies
External privacy policies primarily focus on what information is gathered, ways it is used and how it is secured from unintended use. According to Business Link, common uses for gathered data include: internal record keeping, making improvements to products and services, sending promotional emails, website customization on future visits and market research. External privacy policies frequently cover the use of “cookies” (small web files that allow for greater efficiency and customization for users re-visiting a site) and note how individuals can make any decisions about the use of their information, if applicable.
Corporate Code of Conduct
A corporate code of conduct may change significantly based on the size of a company and the type of business. Some common elements of a code of conduct include: compliance with the laws, avoidance of conflicts of interest, rules about insider trading (for public companies), and use of company assets and information. A code of conduct usually covers discrimination, harassment, record keeping–such as that related to a time clock–and gifts from customers or suppliers.
Use of Policies
These different policies focus on different audiences and not surprisingly have varying goals. Internal privacy policies are designed to set appropriate expectations for employee behavior, to minimize potential issues and to maximize efficiency. External privacy policies seek to make potential customers feel comfortable enough with a company and its site that they decide to complete a transaction. A corporate code of conduct is intended to set expectations of employee behavior and to serve as a legal document in the event that an employer needs to take a job action (such as suspension or termination) or in the event of a wrongful termination lawsuit.
Internally, the law is still murky concerning employee privacy. Most employers will allow a trace amount of personal e-mail use and Internet use. As well, most courts would rule in favor of the employee in the event of excessive employer monitoring. However, it should be noted that too much personal use can be constituted “theft” (of time paid), which can be an effective legal argument for a company.