Even if you think you don’t collect any data, you probably do. Most websites collect cookies to help them remember some information about you to allow faster loading and usage times when you visit again, for example. Cookies are also used for advertising strategies such as Facebook retargeting and Google remarketing. Others may collect email addresses for email newsletter marketing.
You can also do a Google search for sample privacy policies. Note that your policy may need different information than the samples you find, but again, they’re good starting points to get you on your way. FreePrivacyPolicy.com has a helpful breakdown of comprehensive privacy policies from top companies on the web.
Step 2: Know What to Include
- What information your site collects (like visitors’ names, email addresses, or nationality) and how you use it
- How you store data and for how long
- Information for visitors outlining how they can opt-out of data collection or modify or delete their information
- Security information for data protection
- Contact information for your business
- How you’ll notify visitors of changes to your policy
You should also look over specific laws that govern privacy for different groups and add separate sections to your policy that detail what you’re doing to comply with relevant laws like GDPR. The EU General Data Protection Regulation (GDPR), for example, protects European Union citizens from digital privacy violations. The Children’s Online Privacy Protection Act (COPPA) ensures that websites handle data collection appropriately for children under the age of 13. The state of California even has its own law – CalOPPA – to protect Californians from personal data breaches.
Step 3: Understand What Data Third Parties Collect
You can also list out the third-party services you use and link to their own privacy policies, so your visitors can understand how those services use their information.
Step 4: Use an Online Generator
Step 5: Have an Attorney Look Over Your Policy