How to Create a Privacy Policy for Your Website

A privacy policy is a document you simply can’t afford to skip in the modern internet world. Privacy policies tell your visitors what information you collect from them when they visit your site.

Even if you think you don’t collect any data, you probably do. Most websites collect cookies to help them remember some information about you to allow faster loading and usage times when you visit again, for example. Cookies are also used for advertising strategies such as Facebook retargeting and Google remarketing. Others may collect email addresses for email newsletter marketing.

A privacy policy not only protects your visitors by keeping them in the loop about the information they’re giving away, but it also protects you and your site. By disclosing the information in your policy to your visitors, you protect yourself if a legal situation arises about the use of data on your website.

Creating a Privacy Policy for Your Website

Ideally, you should have a privacy policy in place before your website goes live. If your site is already up and running, you’ll need to get a privacy policy up as soon as possible. The following steps will help you write yours:

Step 1: Find a Sample Privacy Policy Online

How to Create a Privacy Policy for Your Website: GitHub Privacy Policy Example

Screenshot of GitHub’s Privacy Policy

Copying a privacy policy from another website is never a good idea. The information in that policy differs from the information you’ll need in yours, and you can find yourself in hot water with plagiarism. However, browsing other websites and reading through their privacy policies can give you a better idea of their structure and pertinent information.

You can also do a Google search for sample privacy policies. Note that your policy may need different information than the samples you find, but again, they’re good starting points to get you on your way. FreePrivacyPolicy.com has a helpful breakdown of comprehensive privacy policies from top companies on the web.

Step 2: Know What to Include

How do you know what to include in your privacy policy? Your sections will vary depending on what your business and website do. Most privacy policies, however, need the following sections:

  • What information your site collects (like visitors’ names, email addresses, or nationality) and how you use it
  • How you store data and for how long
  • How your website tracks visitors and uses cookies
  • Information for visitors outlining how they can opt-out of data collection or modify or delete their information
  • Security information for data protection
  • Contact information for your business
  • How you’ll notify visitors of changes to your policy

You should also look over specific laws that govern privacy for different groups and add separate sections to your policy that detail what you’re doing to comply with relevant laws like GDPR. The EU General Data Protection Regulation (GDPR), for example, protects European Union citizens from digital privacy violations. The Children’s Online Privacy Protection Act (COPPA) ensures that websites handle data collection appropriately for children under the age of 13. The state of California even has its own law – CalOPPA – to protect Californians from personal data breaches.

Step 3: Understand What Data Third Parties Collect

How to Create a Privacy Policy for Your Website: Understand What Data Third Parties Collect

Most third-party services you use on your site – like an email list builder or an ad network – require you to have a privacy policy in place. It’s a good idea to understand what information those third parties collect so that you can outline the details in your policy.

You can also list out the third-party services you use and link to their own privacy policies, so your visitors can understand how those services use their information.

Step 4: Use an Online Generator

There are several online privacy policy generators available that walk you through building your privacy policy. Although many of them won’t give you a truly customized privacy policy, they do help you form a base for the document that you can modify and add to. Here are a few to try:

Step 5: Have an Attorney Look Over Your Policy

Before you set up your privacy policy on your website, have an attorney who’s well-versed in the digital space look it over. Your attorney will ask you about your site, what you do with it, your visitors, and what third-party services you use to ensure that you have everything covered in your policy.

Build Your Site’s Privacy Policy

When it comes to a privacy policy for your website, it’s best to err on the side of caution. Give your visitors as much information as you have and explain it in a way that’s easy for the average reader to understand. The ShareThis GDPR Compliance Tool is just one handy tool you can use to keep your website compliant with regulations like GDPR by asking for consent to collect and use data from your visitors. You can install it in just three simple steps, so you can quickly boost your site’s compliance.