Privacy Policy
A privacy policy is a statement of how and why your company / website collects Personally Identifiable Information (PII), what it does with it, what choices the consumer has about how it is used, whether the consumer can access the information, and what you do to assure that the information is secure.
Other privacy concerns that a privacy policy should address are the use of cookies and/or web bugs, if any.
For a more detailed explanation on what a privacy policy is and possible legalities requiring you to have a privacy policy on your website, please refer to this Wikipdia article
For help in creating your own privacy policy, The Direct Marketing Association has some good advice as well as a free, online privacy policy generator.
Other references:
- Network Advertising Initiative
- EFF - Best Practices for Online Service Providers
- BBBonline - Sample Privacy Notice
Cookie policy
A cookie policy is usually part of the privacy policy. It's addressed within it's own section normally a paragraph which states what type of cookies are used: session, persistent, or local shared object (LSO). When using third-party advertising such as Google, refer to their FAQ for reference (if any) for help.