Privacy Policy Template: What Is It?

A privacy policy template is a sample of a privacy policy, which explains to website users what kind of data you are collecting from them and what you will do with it. If you collect personal data, a privacy policy is required by law. Personal data includes anything that the user might feel is personal, including their email address, their first and last name, their billing or shipping address, or their credit card details.

A privacy policy is a legal document and is also sometimes called a privacy statement, privacy notice, privacy information, or a privacy page.

Who Needs a Privacy Policy?

If you have any of the following, you need a privacy policy:

  • Website
  • Blog
  • E-commerce store
  • Mobile app
  • Facebook app
  • Desktop app
  • SAAS app
  • Other digital products,

You also need a privacy policy if you use Google AdSense.

The Basics of Privacy Policies Around the World

Rules and regulations for privacy policies vary depending on where you are based and what legislation you fall under.

EU Regulations

There are two laws that affect privacy policies in the EU. The Data Protective Directive means that websites or mobile apps that use the personal data of users must have a privacy policy. The ePrivacy Directive is for when your users’ data is directly or indirectly displayed to or used by a third party.

If you are doing either of these things on your website and you are operating within the EU, you must disclose this information in your privacy policy.

U.S. Regulations

In the U.S., there are no overall laws regarding privacy policies. It can vary state to state. California is the most regulation heavy when it comes to privacy policy regulations.

  • The Gramm-Leach-Bliley Act obliges companies to display clear and accurate information about their data collecting practices. It also limits the usage and sharing of users’ financial data.
  • The COPPA law is for websites that take information about children under 13. If you do this, you are legally obligated to display a privacy policy.
  • The Content Eraser law applies if you collect data from minors (under the age of 18). This means that you have to have an easy way for minors to delete the information or content that they have posted on your service.
  • The California Online Privacy Protection Act requires all California-based organizations to obviously display a privacy policy if they collect any data from their users.
  • The Student Online Personal Information Protection Act (SOPIPA) is a California regulation that prohibits websites from sharing data from K-12 students and using that information for direct advertising to these students for a non-educational purpose.

Canada Regulations

Canada has the Personal Information Protection and Electronic Documents Act (PIPEDA). This law states that there are certain limits and that companies need to organize personal data that they are gathering and using, and they must disclosure this information to their users.

Australia Regulations

Australian companies are required by law to have a privacy policy if they are collecting any sort of personal information from their users. The policy needs to mention not only what kind information you are collecting, but also why you are collecting it.

What to Include in A Privacy Policy

What you include in your privacy policy will depend on what information you are collecting, how you are collecting it, and what you are doing with it.

If a third party – such as an app or email marketing website – is involved in collecting the personal information, you will need to disclose that.

Some of the most important things to cover are:

  • What personal information you are collecting through your website.
  • Any information about cookies you use.
  • How you are using the personal information you collect.
  • If you will be disclosing their details to a third party, you must explain why and in what capacity.
  • Further information about the security of the data you collect and how you are keeping it safe.
  • Explain how the user is able to control their information once it has been given.
  • Let the user know that changes can be made at any point in the policy, so they should review it regularly.
  • Contact information where the user can reach you regarding questions they have about the policy.
  • You may also mention that users have a right to view and verify the information you collect about them.

Problems That Arise From a Privacy Policy

Simply having a privacy policy isn’t enough to ensure you are cooperating with privacy laws. Law enforcement can fine websites whose privacy policies are well-intentioned, but wrong.

  • A statement like, “We will not share your information with any third party,” could get you into a lot of trouble. This is most likely untrue. When it comes to the internet, there may be a lot of third party companies that you are sharing your users’ information with. This includes, but is not limited to, your site’s hosting company, your user’s own ISP, the mail service delivering any purchases made by your customers, or the bank that takes your credit card payments.
  • Another statement that causes some businesses problems is, “We collect your personal information using the forms you fill out on this site.” While you may be using a form to collect information, you are also likely collecting personal information about your website’s users from text messages, e-mails, phone calls, and posts, or from other outside sources. Be sure to state every location from which you collect information.
  • Your privacy policy must remain correct at all times. If the information you are collecting, how you are collecting it, or the way in which you are using it changes, you must update your privacy policy.

How to Share Your Privacy Policy

There are two ways of sharing your privacy policy with users. You can use one or both of these methods on your website.

  • Browsewrap means you simply put a link in the footer of your website that when clicked, takes the user to your privacy policy.
  • Clickwrap is when a website tells their users of the privacy policy when they sign up for an account. They will immediately be asked to read and agree to the policy.

Why Use a Privacy Policy Template?

Privacy policies aren’t very easy to make, so using a template is a great way to get started and make sure you don’t miss out on any information that is required. You do not want to take this matter lightly. You can get into trouble with your customers and the law if you don’t have a privacy policy or if you have a one that does not cover all of the correct information.

Examples of Privacy Policies

Starting with the UpCounsel privacy policy template is an easy and effective way to ensure that you are covering all of the valuable information required in a privacy policy. Depending on your type of business, you may want to look at different privacy policy templates as well.

If you need help with privacy policy templates, you can post your question or concern on UpCounsel’s marketplace. UpCounsel accepts only the top 5 percent of lawyers to its site. Lawyers on UpCounsel come from law schools such as Harvard Law and Yale Law and average 14 years of legal experience, including work with or on behalf of companies like Google, Stripe, and Twilio.