Rules and regulations for privacy policies vary depending on where you are based and what legislation you fall under.
Canada has the Personal Information Protection and Electronic Documents Act (PIPEDA). This law states that there are certain limits and that companies need to organize personal data that they are gathering and using, and they must disclosure this information to their users.
If a third party – such as an app or email marketing website – is involved in collecting the personal information, you will need to disclose that.
Some of the most important things to cover are: