What type of policy defines the appropriate handling of a customer's personally identifiable information (PII)?

The type of policy that defines the appropriate handling of a customer's personally identifiable information (PII) is typically referred to as a Privacy Policy. This policy outlines how an organization collects, uses, stores, and protects PII, as well as the rights of individuals regarding their information. Additionally, organizations may implement a Data Protection Policy or an Information Security Policy that includes specific guidelines on PII handling to ensure compliance with relevant laws and regulations (such as GDPR, CCPA, etc.), and to protect customer data from unauthorized access and breaches.