However, most privacy laws identify the following critical points that a business must comply with when dealing with personal data:
Notice – Data collectors must clearly disclose what they are doing with the personal information from users before collecting it.
Choice – The companies collecting the data must respect the choices of users on what information they choose to provide.
Access – Users should be able to view, update or request the removal of personal data collected by the company.
Security – Companies are entirely responsible for the accuracy and security (keeping it properly away from unauthorized eyes and hands) of the collected personal information.