Privacy matters.

All you have to do is look at the recently-launched “Privacy Project” from The New York Times. It’s an ambitious — and ongoing — examination of privacy in an increasingly digital world. The Times is dedicating enough resources to the project that they’ve given it its own website and Twitter account.

Or look at Apple’s most recent marketing campaign (“Privacy. That’s iPhone.”). In a series of humorous quick-cuts in bathrooms, cars, and any other spaces where we expect a little privacy, Apple highlights how important our personal space is — and how we should expect the same privacy in the technology we use.

Privacy matters, people are concerned about it, and they don’t entirely get it. The data from Pew Research highlights Americans’ growing questions over privacy, their desire for control over their personal data. (They should have control over their personal data, by the way.)

Despite this desire for control, those surveyed by Pew struggled to understand how their data was being used by publishers, apps, and advertisers. Most people don’t read the privacy policies of every app, website, or service they use.

You know, because they’re normal and, uh, have lives.

You need to be honest with your users about how you use their data.

Are you using it to improve their experience? Are you using it to make money? Are you doing both of these things?

Many companies use data to create better user experiences for their customers. Think about the movies Netflix recommends to you; Netflix is able to do that based on the data it collects about your Friday night movie-bingeing habits. It’s the same thing with Amazon. It knows you bought a whole bunch of multivitamins last month and posits that you’re health-conscious. The next time a similar set of vitamins go on sale, it’s going to tell you.

Even The Times, since launching its Privacy Project, has been transparent with users about the data it collects on them. They use it to see how users interact with articles — how much time they spend on them, how often they share them, and on what platforms. This is, in part, so they can create a better experience for you. But it’s also to make money.

The Times shares and sells your data with advertisers and third-party companies, because to maintain a newsroom of its size requires money.

Whether you’re selling vitamins or running a publication, collecting data on your users is often necessary to support your operations and creating a better user experience.

But whether you’re a publisher, an app developer, a marketer, or anything in between, you need to be honest with your users about how you use their data and in what context.

Here are four tips for protecting your users’ privacy — and their trust in you.

1. Establish a culture of transparency from the jump

If you’re collecting or using your users’ data, be clear about it when they download your app, use your service, or read your articles. Explain it in a blog post, a message, an email. Interrupt their user experience with a pop-up if you have to. Explain it plainly and succinctly.

Go the extra mile to specify what they agree to when they use your service. This is what GDPR and California’s new privacy law require.

2. Explain how you use their information

Are you selling them things? Recommending new articles? Trying to create a more enjoyable experience for them?

Explain very clearly what you’re using their data for, where it goes, and how you protect it. The Times’ article about how they use data is a good example to follow. Post a piece of content on your site and promote it through your social channels. Make sure it lives somewhere that’s visible to users.

3. Give your users options

They should have the option of choosing what information they want to share, and what they’d prefer to keep private. It shouldn’t be an all-or-nothing proposition. Allow them to opt out of sharing certain kinds of data, like location-based data, but to opt in with other things.

At the same time, be transparent about the tradeoffs. If you’re Uber, you obviously need to know people’s locations in order to send a cab their way. If you’re Apple Music, you need to log their listening habits in order to recommend new songs. If people opt out, make sure they know what they’re going to miss.

But they should always have the option, and it shouldn’t be all or nothing.

4. Drive the point home

Again, interrupt the user experience if you have to. Explain, in layman’s terms, how you use their data and in what context. The Times’ explanation of how they use data (and why) is, again, a good template to follow. Basically, The Times needs to support its 1,600-person news operation, so they share and sell their users’ data. They also use that data to create better experiences for their users and to recommend new articles they might like.

In order to maintain the trust of your users, you need to maintain transparency. If you’re upfront from the get-go, explain your privacy policies well, give them chances to opt in or opt out, and drive the point home, you’ll win their loyalty.