Privacy

Products

Templates

Resources

About

Search


"No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties". 

Sign Up

Privacy Policy Template

Written by

William Blesch

Legal and data protection research writer at TermsFeed.

Reviewed by

Sara Pegarella

Widener University School of Law graduate, Managing Legal Editor at TermsFeed.

A Privacy Policy is a legal document that informs the public about the data you collect, how you collect it, and how you use it, as well as other important details about your privacy practices.

This article will explain in further detail what a Privacy Policy is, why and when one is legally required, and how to create and display your own.

We've also put together a Sample Privacy Policy Template that you can use to help write your own.


What is a Privacy Policy?

A properly written Privacy Policy tells customers what data you collect about them when they engage with your business (e.g., through your website) or purchase one of your products/services, and why you're collecting that information. It also lets people know how long their information will be stored, who can access these records and more.

The Privacy Policy agreement from termsfeed

So, a good Privacy Policy should outline what data is being collected and explain why you're collecting it, who has access to it, and the time frame during which you plan to store it. It should also include any third parties with whom your company shares personal or private information, as well as any steps taken to ensure the security of such information.

Our Privacy Policy Generator makes it easy to create a Privacy Policy for your business. Just follow these steps:


A Privacy Policy is Required by Law

Privacy Policies are required by law to be posted on your website. You may be required to include specific clauses in your Privacy Policy, depending on the applicable laws within your area or where you are conducting business.

In fact, privacy laws are in place in many countries around the world, including the following:

Third Party Services Require a Privacy Policy

Many third-party services that you use to improve your website's user experience, monitor analytics, or display ads require you to post a Privacy Policy.

You should provide clauses detailing how you use third-party services, APIs and SDKs.

Just some of the most popular third-party services, which require you to post a Privacy Policy are:

A few of the reasons these third-party services require you to post a Privacy Policy and disclose your usage of their cookies and services are due to the fact that they place cookies on your visitors' computers. They also collect information about them whenever they visit your site, such as their browsing habits, the device used, and so on.

Always be Transparent in Your Privacy Policy

A transparent and complete Privacy Policy agreement, which explains exactly what information a company collects and how it uses that information, inspires trust in a business.

Trust is essential for companies whose business models are based on sensitive customer data. Users feel secure knowing they have control over their personal information under the terms they signed up for.

Your Privacy Policy should explain to your users how your app or website handles personal data. Your users should also be aware of the reasons for collecting information and how long they will be kept on your servers.

You must disclose even if you do not collect any personal information. Because users expect transparency, it helps to have a Privacy Policy. Users may believe that you are collecting too much personal information and not disclosing any.

The SwissCows search engine doesn't track or store user searches. Its Privacy Policy says that it only collects the data that is necessary to provide its services and stores it in an anonymized way:

Conduct a privacy audit to ensure transparency and accuracy in your Privacy Policy. This will enable you to determine your business's privacy practices and what information you must disclose to your users through an appropriately transparent Privacy Policy.

What Should You Include in Your Privacy Policy

Your Privacy Policy will contain a variety of clauses depending on your business type and applicable law. Accordingly, there are certain clauses that every website, which collects personal data from visitors, should include in their Privacy Policies.

It should be structured to make it easy for the reader to understand essential information. You can achieve this by using well-structured, clearly written clauses that are clearly identified with descriptive headlines.

With that in mind, let's take a look at what you should include in your Privacy Policy.

What information do you collect?

Letting your website's visitors know what information you collect is an essential part of any Privacy Policy. This clause is crucial to let your users know from the beginning if you intend to collect data that they are comfortable sharing.

For instance, a website could use a registration form to collect an individual's email address, which the company then adds to its mailing list. This is very different from an app that collects all kinds of personal data, such as name, address, payment information, and location.

The point here is that there is a worldwide consensus that users have the right to know exactly what kind of data you collect.

Here's an example of a clause that lets users know what kinds of information it uses and collects:

You must also keep in mind that privacy laws generally stipulate that you may only collect personal information if necessary to offer the services you provide.

What do you do with the information you collect?

This clause informs the user about what happens to their personal data after it is collected.

A website might collect information such as a user's address and name in order to ship products purchased online. This information is essential and is not collected more than necessary. This is very different from a website that collects users' names and addresses and then sells it to a third party for marketing purposes.

Both websites collect the same information, but it is vital that you disclose how this information is used once it has been collected.

Here's an example of how to disclose what is done with the information a business collects:

How is collected information kept safe?

Personal data that is collected from an individual must be kept secure and only accessible by authorized personnel. You must implement appropriate security measures if you are trusted with handling personal data about users.

For example, to prevent unauthorized people from stealing or hacking your customer's credit card information, you need to secure it behind firewalls.

Data breaches have been affecting millions of internet users over the last few years. Many of those affected faced severe legal and financial consequences. You are responsible to make sure that personal information is not lost or misused if you store it.

Here's an example of how you can disclose how data is secured:

Do users under the age of 13 use your website?

This clause is only applicable to specific websites and apps. It is regulated primarily under COPPA (the Children's Online Privacy Protection Act). COPPA imposes special requirements on apps and websites that collect data about children. It is vital to protect the privacy of all people, but it is crucial for minors.

This is why there is an additional clause in the Privacy Policy for websites and apps that target children.

You must comply with COPPA regulations if young people use your app or website.

Here's an example of a clause addressing children's personal information:

Do you handle medical data?

Extra-sensitive information such as medical information is subject to additional regulation. The main law that covers additional measures for apps and websites that contain medical and health information is HIPAA (the Health Insurance Portability and Accountability Act of 1996).

If your website or app collects health or medical information, you must comply with HIPAA regulations. Note how the health insurance company Kaiser Permanente provides a link to its HIPAA privacy notice within its main Privacy Statement:

Do you handle financial or credit data?

For obvious reasons, financial information requires greater privacy protections than usual. Because financial information and credit are more sensitive than usual, several laws govern what steps must be taken by companies to protect their users from identity theft and fraud.

You must comply with all laws governing financial information and credit information that you offer on your website or app. Kaiser Permanente has a simple statement on this subject.

Does your website or app utilize third-party services?

Privacy Policies often disclose information about third-party services used by websites. It is important to disclose information about third-party usage because the Privacy Policies of third parties may differ from yours. Users need to know who has access and what their own unique policies are, since this may affect their data.

A website might use a third-party credit card processor to process transactions. Although the website does not store or handle this transaction information, users need to be able to see who has access to their credit card information and what they do with it.

It can be as simple as providing the name of the third party and explaining why it is being used. The user can then read the third party's Privacy Policy to confirm their agreement with your website's policies.

Here is an example of this type of clause:

Privacy Policy FAQs

Here is a list of frequently asked questions that you may find useful.


Privacy Policy Examples

Whether your website, mobile app, desktop or web app collects personal data from users, you must post a Privacy Policy. Many websites include a link to their Privacy Policies in the homepage footer or main navigation menu.

Let's look at some Privacy Policies on popular news websites.

The New York Times

The New York Times has the following sections in its Privacy Policy:

This list is a great place to start for most Privacy Policies.

The National Review

The National Review has the following sections in its Privacy Policy:

While this policy is shorter, it still covers all the key areas and is worth checking out for inspiration and guidance on your own Privacy Policy's content and structure.

How to Display and Get Agreement to a Privacy Policy

Privacy laws require that your Privacy Policy be displayed in a way that's easy for users to access at any time. You must also get users to consent, or agree to, your processing of their personal data as stated in your policy.

When it comes to displaying your Privacy Policy, you should start with adding a link within your website's footer. This will make the policy visible and accessible from every page of your site, and people are familiar with looking here for legal agreements and important information.

Here's an example of how you can display a Privacy Policy in a site footer:

Other common places to include your Privacy Policy link are in forms where you request personal information, such as when a user creates an account with you:

Or when they sign up to receive marketing emails from you:

To obtain consent from users, ask them to check a box such as an "I Agree" checkbox next to a statement that clicking it shows agreement to your Privacy Policy. Link your Privacy Policy to this consent mechanism as well, as seen here:

Summary of What a Privacy Policy Is

Your Privacy Policy is not just a legal requirement but also an opportunity to communicate your company's values. Think of it like the "About Us" section on your website, only more important.

It should be accurate and up-to-date with any changes in policy or practices so that you don't run into problems down the line.

Your website, web app or mobile app may collect personal data. If so, you will likely be required by law or third-party services to provide a Privacy Policy to your website/app.

Be sure to include sections on:

Finally, don't be tempted to copy or use another business's Privacy Policy. The one you're copying might not be right for your business. Let's take, for example, the text of a competitor who is in the same industry.

You may be doing business differently than they are. Your competitor might collect different types of information or share it with other third parties than you do. Of course, you could edit the Privacy Policy you're copying from to make it more appropriate for your business.

But is that time better spent growing your business or creating cobbling together a Frankenpolicy?

Download Sample Privacy Policy Template

Generate a Privacy Policy in just a few minutes

We understand that writing your own Privacy Policy can seem like a daunting task. Therefore, to help you put one together without snatching your competitor's or cherry-picking bits and pieces here and there, you can use a template. Templates can provide structure and inspiration, which is a great starting point.

Alternatively, we recommend using our Privacy Policy Generator. It is a powerful tool that will ask all the right questions regarding your business and the types of information you collect. The tool will use your answers to create a professional Privacy Policy tailored to your requirements and needs.

Our Sample Privacy Policy is available for download, for free. The template includes these sections:

Sample Privacy Policy Template (HTML Text Download)

You can download the Sample Privacy Policy Template as HTML code below. Copy it from the box field below (right-click > Select All and then Copy-paste) and then paste it on your website pages.

Sample Privacy Policy Template (PDF Download)

Download the Sample Privacy Policy Template as a PDF file

Sample Privacy Policy Template (Word DOCX Download)

Download the Sample Privacy Policy Template as a Word DOCX file

Sample Privacy Policy Template (Google Docs)

Download the Sample Privacy Policy Template as a Google Docs document

More Privacy Policy Templates

More specific Privacy Templates are available on our blog.

Sample Privacy Policy Template

A Privacy Policy Template for all sorts of websites, apps and businesses.

Sample Mobile App Privacy Policy Template

A Privacy Policy Template for mobile apps on Apple App Store or Google Play Store.

Sample GDPR Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with GDPR.

Sample CCPA Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with CCPA.

Sample California Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with California's privacy requirements (CalOPPA & CCPA).

Sample Virginia VCDPA Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with Virginia's VCDPA.

Sample PIPEDA Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with Canada's PIPEDA.

Sample Ecommerce Privacy Policy Template

A Privacy Policy Template for ecommerce businesses.

Small Business Privacy Policy Template

A Privacy Policy Template for small businesses.

Privacy Policy for Google Analytics (Sample)

A Privacy Policy Template for businesses that use Google Analytics.

Sample CalOPPA Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with California's CalOPPA.

Sample SaaS Privacy Policy Template

A Privacy Policy Template for SaaS businesses.

Sample COPPA Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with California's COPPA.

Sample CPRA Privacy Policy Template

A Privacy Policy Template for businesses that need to comply with California's CPRA.

Blog Privacy Policy Sample

A Privacy Policy Template for blogs.

Sample Email Marketing Privacy Policy Template

A Privacy Policy Template for businesses that use email marketing.



Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy

Disclaimer

This article is not a substitute for professional legal advice. This article does not create an attorney-client relationship, nor is it a solicitation to offer legal advice.

Last updated on

12 May 2024

Appears in

Category

Related articles

Having a Terms and Conditions agreement for your SaaS app can help you control your app better, while at the same time limiting reasons why your users can bring legal action against you. It's a crucially important legal document for every SaaS app to have. This article will explain exactly what...

Flurry Analytics is a feature of Flurry that lets app publishers track analytical information about how an app is being used. Platforms like Flurry collect non-personally-identifying information about users like what model and type of device a user is accessing the app on, what language, date and time the app is...

A Data Protection Officer (DPO) is an independent professional tasked with overseeing a company's data protection strategy and ensuring compliance with data privacy laws. Since the arrival of the General Data Protection Regulation (GDPR), appointing a DPO has become mandatory for many organizations worldwide and a best practice in general. This article...

Legal compliance is now a breeze.

Comply with the law with our agreements, policies, tools and cookie consent banners. Everything you need is included.

Sign Up

Products

Templates

Resources

Company

Disclaimer: Legal information is not legal advice, read the disclaimer. The information provided on this site is not legal advice, does not constitute a lawyer referral service, and no attorney-client or confidential relationship is or will be formed by use of the site.

   

Copyright © 2012 - 2024 TermsFeed®. All rights reserved.

Termly