This statement should tell the consumer how the merchant will be using the personal data
they have collected.
“We respect and are committed to protecting your privacy. We may collect
personally identifiable information when you visit our site. We also automatically
receive and record information on our server logs from your browser including
your IP address, cookie information and the page(s) you visited. We will not sell
your personally identifiable information to anyone.” (And so on...)
Or, if they do pass along personal information for whatever reasons, they would
state this instead. This policy should be tailored to how the merchant intends to
use the information they are given.