Personally identifiable information (PII) is anything that can be used to identify someone. This could include:
Depending on what information is collected, companies may need to include special clauses that pertain to that information specifically. Privacy policies are used to protect both customers and the company that is using them.
A privacy statement may be a physical document or it may be housed on a website. In today's world, however, you are more likely to see it on a website than anywhere else because the Internet is so prevalent and many people use it as their way of communicating with the companies that they do business with.