Step 2 of 11
Data Collection Practices
Define what personal data you collect and for what purposes.
Types of Personal Data
Select all categories of personal data your organization collects:
Identity Data
- • Full name
- • Date of birth
- • Gender
- • Government ID numbers
Contact Data
- • Email address
- • Phone number
- • Mailing address
- • Social media handles
Financial Data
- • Payment card details
- • Bank account information
- • Billing address
- • Transaction history
Technical Data
- • IP address
- • Browser type and version
- • Device information
- • Cookies and identifiers
Usage Data
- • Pages visited
- • Features used
- • Time spent on site
- • Click patterns
Special Categories
- • Health data
- • Biometric data
- • Religious beliefs
- • Political opinions
Collection Methods
Specify how you collect data:
Direct Collection
Forms, account registration, purchases, inquiries
Automated Collection
Cookies, analytics tools, server logs
Third-Party Sources
Social login, marketing partners, public databases
User-Generated Content
Comments, reviews, forum posts, uploads
Purposes of Collection
Link each data type to its specific purpose:
| Purpose | Examples |
|---|---|
| Service Delivery | Processing orders, providing account access |
| Communication | Customer support, service updates |
| Marketing | Newsletters, promotions, personalized ads |
| Analytics | Improving services, understanding usage patterns |
| Legal Compliance | Tax records, regulatory requirements |
| Security | Fraud prevention, account protection |
Best Practices
Only collect data you actually need
Be specific about what you collect
Explain purposes clearly
Distinguish between required and optional data