1) Clear and easily accessible statements of its practices and policies.
2) Type of personal or sensitive personal data or information collected.
3) Purpose of collection and usage of such information.
4) Disclosure of information including sensitive personal data or information.
5) Reasonable security practices and procedures.