Are you a member? Register or Login

Open Menu

What Is a Website Privacy Policy (And How to Write One)

Maybe you first noticed it in WordPress, when the admin started settings asking for a link to a privacy policy. Maybe you’ve been following news and the passing of GDPR. Or maybe you’ve just been talking it over with peers. Regardless, it’s probably time to include a privacy policy in website projects.

But with so much legalese, where do you start? What is a privacy policy? How do you write one?

Here, we have help! Since we aren’t lawyers, it’s always a good idea to have your counsel read over your policy, particularly if it gets complicated in any way.

The good news is that it doesn’t need to be earth-shatteringly complex to fairly quickly have a privacy policy on your site that covers off the most common issues.

The Ultimate Designer Toolkit: 1 Million+ Assets

Envato Elements gives you unlimited access to 1 million+ pro design resources, themes, templates, photos, graphics and more. Everything you'll ever need in your design resource toolkit.

See More

What Is A Privacy Policy?

how to write a privacy policy

Let’s start with what a privacy policy is.

It’s a document, typically a page, on your website that explains to users what information you collect about them when they visit your website and what you do with that information. This can include everything from using cookies to tracking elements for advertising.

Most websites create a privacy policy to provide transparency to users or because laws/legislation exists that require it based on your location or type of business.

A solid privacy policy includes a few key elements:

  • Notice of what information is collected
  • Choice for users to accept this data collection or not or change preferences
  • Access for users to see what data has been collected
  • Security that details how information is stored
  • Redress so that you know who to contact with issues or questions

Does Your Website Need One?

how to write a privacy policy

For simple blogs or websites without advertising, the answer might be no. But the minute you get into more complex offerings, advertising, exchanges of money or data having a privacy policy starts to matter even more.

It might even be required by companies that you do business with (Google’s AdSense platform requires it) and a trustworthy website can help boost search engine rankings. So why not?

General Data Protections Regulation (GDPR) is the most notable widespread sets of guidelines and requirements for website data and information. This legislation in the EU requires a privacy policy, and even has a checklist for compliance.

This legislation requires that a privacy policy includes the following:

  • What personal information you collect on your website
  • How you collect that data
  • How you use the data
  • How you keep the information secure and safe
  • If you share personal information with third parties
  • If a user can control use or sharing of his/her data on your website

You can use these GDPR guidelines for a privacy policy for any website in any country.

How to Write a Privacy Policy

how to write a privacy policy

So now that you feel the need to have a privacy policy how do you do it?

Start with an understanding of laws or legislation that impact your website. These can by location or industry-specific. requirements can and should shape your privacy policy.

Make sure to write the policy in an actually readable way. Avoid jargon and too much legal language.

Then think about the information on your website. How do you connect with users and what information do you ask for or collect? This can include anything from names and email addresses that are used to sign in the site or the IP address (date and time) from which they access your site.

Even if you collect this information through third-party software, it’s important to note. Then think about whether collecting the information is necessary. (You might find that you can streamline some processes here or ask for less personal data.)

Then you can break it down into sections that relate to how and what you collect and how you use it.

Make sure to write the policy in an actually readable way. Avoid jargon and too much legal language that can confuse website visitors or make the policy ineffective because it’s not understandable.

Consider using checklist-style formatting, which can make information easy to read and digest. While most websites do use bulking paragraphs of information, this isn’t always necessary.

Break the copy into headers that relate to key areas of privacy and data collection. You can even use the bullets from the “What is a Privacy Policy?” section above.

Finally, it is important to provide contact information or a link to your contact page. Users should be able to ask questions about the policy should they arise. Don’t make this too difficult.

Free Privacy Policy Generators

Why start from scratch where there are plenty of tools available to help you create a privacy policy. Here are a few that work well and won’t cost you anything. (Although you may still want to have your attorney read over it.)

Conclusion

A basic privacy policy is a good idea. You never know who might access your website and a little transparency never hurt anyone. It can also be a fun exercise to see how many of your visitors care about that information by peeking at analytics.

If you don’t have a privacy policy yet, it’s probably a good idea to add it to your to-do list. (And don’t forget to link to it in your website footer.)