An important, but often overlooked, component of Privacy Policies are business transfer clauses, which allow businesses to share users' information in the event of a change in business ownership, such as by merger, acquisition, or other proceeding involving the transfer, sale, or divestiture of business assets. Failure to include a suitable business transfer clause can result in violating data privacy provisions (and laws), diminished value of the data, and legal wrangling with the Federal Trade Commission and the courts. In this case, an ounce of prevention is absolutely worth a pound of cure!
(1) Business Transfer Clauses Help Companies Keep Their Promises
(2) Business Transfer Clauses Help Companies Protect the Value of Customer Data
(3) Business Transfer Clauses Help Companies Steer Clear of the Federal Trade Commission
Privacy Policies are promises to customers that can't be broken without dire financial and legal consequences. Following are a few key points for companies to consider vis-à-vis their Privacy Policies.
- Draft Privacy Policies that are consistent with business goals and carve-out exceptions for sharing data if there is a transfer of business ownership.
- A point of caution! Be sure to review the original policy, and consider any relevant laws, to determine whether affirmative opt-in consent is required before the change can be fully implemented.