Frequently Asked Questions
There are a few shortcuts you can use to make sure all your main legal points are covered. If you use a website privacy policy template, or an internet-based privacy policy generator, you’ll often find less research is necessary. You can find plenty of free privacy policy information resources as well. Just be sure you use a reputable website. Here's a sample clause that TrueVault uses: How we protect and store your information. TRUEVAULT takes the security of the information it collects through its Site and Services seriously and in response implements a variety of security measures designed to reduce the risk of unauthorized disclosures and accidental destruction or loss of your Content and to maintain the safety of your personal.
![Policy Policy](/uploads/1/1/7/8/117836917/202446444.png)
A basic Privacy Policy needs to include the following:
Data Collection: An explanation of the type of data your websites collects and why you collect it.
Security of Personal Data: A clause which explains how you keep your Users personal data secure.
Personal Data Sharing: You need to include who Personal Data is shared with, if anyone.
Cookies: Outlines what cookies are and what types of cookies you use on your website.
Affiliate Disclosure:Disclose if your website uses affiliate links and earns a commission.
Privacy Policy amendments: How your website makes updates to this policy available to your Users.
To know more about what you need to include in your privacy policy, please refer to our articles on Privacy Policy.
Data Collection: An explanation of the type of data your websites collects and why you collect it.
Security of Personal Data: A clause which explains how you keep your Users personal data secure.
Personal Data Sharing: You need to include who Personal Data is shared with, if anyone.
Cookies: Outlines what cookies are and what types of cookies you use on your website.
Affiliate Disclosure:Disclose if your website uses affiliate links and earns a commission.
Privacy Policy amendments: How your website makes updates to this policy available to your Users.
To know more about what you need to include in your privacy policy, please refer to our articles on Privacy Policy.
- Read up more on your local data privacy laws now to make sure that your privacy policy is in line with the standards of your local laws. Sample free privacy policy template This privacy policy template will help you see how everything we talked about so far comes together to form a legal agreement.
- Shopify has a free privacy policy generator that can help make sure your business complies with the law. It’s really easy to use and gives you the customized policy as per your company’s products and services.
- If you’re not a lawyer, creating a privacy policy to protect your company and customers can be a serious headache. Our free privacy policy generator, which has been updated to include the requirements of the General Data Protection Regulation (GDPR), can help make sure your business complies with the law and encourages customer trust.
Data subjects rights: Does your website transfer any personal data to another country.
Details of the transfer of personal data to a third country: A clause which explains how you keep your Users personal data secure.
The right to lodge a complaint with the correct authority: You need to include who Personal Data is shared with, if anyone.
The right to withdraw consent: Outlines what cookies are and what types of cookies you use on your website.
Data retention: Disclose if your website uses affiliate links and earns a commission.
Automated decision making: How your website makes updates to this policy available to your Users.
To find out more on GDPR Compliance, please refer to the 7 key principles of GDPR & our other GDPR articles.
Where to put a privacy policy on your website?Details of the transfer of personal data to a third country: A clause which explains how you keep your Users personal data secure.
The right to lodge a complaint with the correct authority: You need to include who Personal Data is shared with, if anyone.
The right to withdraw consent: Outlines what cookies are and what types of cookies you use on your website.
Data retention: Disclose if your website uses affiliate links and earns a commission.
Automated decision making: How your website makes updates to this policy available to your Users.
To find out more on GDPR Compliance, please refer to the 7 key principles of GDPR & our other GDPR articles.
To be compliant with a number of International laws, including GDPR, CalOPPA and Australian Privacy Act 1988, your privacy policy is required to be in a prominent, easily located place on your website. Check out your options in this post.
Get Your Free Privacy Policy Template For Websites
How to create your GDPR compliant privacy policy?You can create your privacy policy by using our customizable privacy policy template. Use our free privacy policy generator to create a privacy policy suitable to your website in minutes. To learn more on how to create your privacy policy, terms & disclaimer using our generators, please refer to our post here.
Why do you Need a Privacy Policy for Google Analytics?Google Analytics, a free website analysis tool from Google, tracks traffic on your website by placing a cookie on visitors browsers and thereby collecting information. As part of Google Analytics Terms and Conditions you are required to have a privacy policy and secondly, you have begun to collect personal information so you are now required by law to have a privacy policy in place. Read our Article at https://privacyterms.io/privacy/google-analytics-privacy-policy/ to learn more.
A Privacy Policy is a document or statement that describes how a company gathers, uses, manages, and releases the information of customers or visitors to its website. By accessing the company’s website, users accept to have to having their information collected and disclosed in accordance with the company’s Privacy Policy.
A Privacy Policy may also be called:
- Privacy Statement
- Internet Privacy Policy
- Website Privacy Policy
- Privacy Notice
- Privacy Page
- Privacy Information Policy
Get Your Free Privacy Policy Template For Facebook Page
What is Described in a Privacy Policy?
INFORMATION
A Privacy Policy will describe what information a website or app collects. In general, websites collect two types of information – personally-identifying information and non-personally identifying information.
- Personally-identifying information is any information that on its own can be used to identify a specific person. Some examples of personally-identifying information include a person’s name, date of birth, address, email address, marital status, financial records, and medical history.
- Non-personally-identifying information is information that, without the aid of additional information, cannot be directly associated with a specific person. Some examples of non-personally-identifying information include a person’s internet protocol (IP) address, browser type, and location of other websites viewed before arriving at the website.
COLLECTION
The Privacy Policy will also describe how the company collects both personally-identifying information and non-personally-identifying information. This information can be collected by the website in a number of ways. The most common ways are:
User input: If a website requires users to register, users will usually have to provide personally-identifying information, such their name, address, telephone number, email address, age, and/or credit card number. In addition, a website might ask for other information from the user, such as interests, gender, user name, and other demographic information.
Derivative data: Most websites collect non-personally-identifying information that web browsers make available, including the user’s IP address, operating system, browsing history, and statistical data.
Web cookies: Web cookies are small text files that are stored on a user’s computer. Each time the user submits a query to the website, the user’s web browser sends the text file back to the website, allowing the website to keep track of users, remember important information and customize web pages.
Web beacons: A web beacon is small file embedded in an email or web page that allows websites to invisibly monitor a user and see if the user has viewed their content.
Social media: If users can connect their social media accounts to the website, certain information may be disclosed by the social media network to the website.
USE
A Privacy Policy must also disclose how the company uses the information that it has collected. Some of the ways websites use the information of their customers include:
General use: In general, websites will use the information it collects to help provide and deliver the services of the website and manage and maintain the website.
Email communications: Companies will often use their customers’ names and email addresses to deliver notices and announcements to those customers.
Analytics: A helpful tool for companies is to be able to track and analyze the activities of its users and the traffic on its website. Companies can use third-party vendors to allow such tracking data on their website.
If your company uses Google Analytics to track and report website activity and traffic, you are required by Google to have specific disclosures in your Privacy Policy explaining the use of these services.
DISCLOSURE
Lastly, a Privacy Policy must state how the company discloses any information of its customers, including, but limited to:
![Get Your Free Privacy Policy Template Get Your Free Privacy Policy Template](/uploads/1/1/7/8/117836917/544510665.jpg)
By law: Companies will have to disclose personal information if it is required by law.
Marketing: Sometimes companies will sell or give its customers’ email addresses to third parties who may send emails about additional products and services.
Business partners and affiliates: Personal information can also be shared with business partners and affiliates.
Third-party service providers: Companies will sometimes need to share personal information with third-party service providers that help them with the business, such as credit card processors.
Your Privacy Policy should also disclose the methods being used to keep your customer’s information safe.
Does My Website Need a Privacy Policy?
While there is no federal law in the United States requiring that websites establish a Privacy Policy, many states, and most other countries do require a website that collects and stores any personal information from its users to have one.
In the United States, the Federal Trade Commission (FTC) regulates laws and policies regarding the privacy practices of businesses and the protection of their customers’ personal information. The FTC also helps to enforce federal laws concerning the privacy of customers’ information, including the following:
- Fair Credit Reporting Act (FCRA), which limits how companies can obtain and use a customer’s credit and background reports.
- Gramm-Leach-Bliley Act, which requires financial institutions to clearly explain their information sharing practices and also restricts the sharing and use of specific financial information.
- Health Insurance Portability and Accountability Act (HIPAA) created a “Privacy Rule” that establishes a national set of standards of how health care service providers can use an individual’s protected health information.
- Children’s Online Privacy Protection Act (COPPA), requires websites that target and/or collect information from children under the age of 13 to post a Privacy Policy that complies with the COPPA requirements and also implements certain parental notice and consent requirements.
In 2012, the FTC released a report with guidance on Privacy Policy best practices for websites.
Even if your company or website is not in a jurisdiction that requires a privacy policy, the reach of your website may subject it to the laws of other states and countries. For example, California has enacted the California Online Privacy Protection Act of 2003 (CALOPPA) which requires any website collecting personal information to have a Privacy Policy posted on its website that is easily accessible to its users. Even if your website is not run from California, CALOPPA applies to any website that collects personal information from a California resident. Therefore it is likely that your website will be subject to the CALOPPA regulations.
The European Union has more established laws regarding privacy protection, including the Data Protection Directive (95/46/EC) and the E-Privacy Directive (2002/58/EC). These directives state that personal information of European Union residents can only be transferred to countries outside of the European Union that have policies with an adequate level of protection.
Although the United States is not currently on the “approved list” of countries, the EU-U.S. Privacy Shield provides a framework for U.S. companies to receive the transfer of personal information from the European Union.
Therefore, if you are a website that gathers, stores, or uses personal information and data from clients and users, you should have a Privacy Policy for your website. You also need to make sure that you adhere to the promises and disclosures set forth in that policy.
A mobile application also collects personal information and should have a Privacy Policy as well. In 2012, the California Attorney-General brought a claim against Delta Airlines seeking to impose upwards of $38 million dollars in fines after Delta failed to include a Privacy Policy in its mobile application.
Consequences of Not Having a Privacy Policy
If you are a company without a Privacy Policy on your website, you risk violating various laws regarding privacy disclosure and maintenance requirements and may be subject to civil and criminal lawsuits and hefty fines. If you are a website user or client who chooses to access a website that does not have a Privacy Policy or who fails to read the posted policy about how that website will handle your private information, you risk sharing and exposing personal information and having it end up in the hands of complete strangers. Financial and social consequences can be severe if things like your credit card or social security number are leaked and circulated.
A Privacy Policy can help prevent the following for both companies and users:
Get Your Free Privacy Policy Template
Company | User |
---|---|
Paying hefty fines or having your website shut down | Having your financial information shared and used for fraudulent transactions |
Being sued by users for improper disclosure of personal information | Having your social information posted online and used for illegal activity, character assassination, or unapproved use |
Compromising a user’s personal safety | Having your location data posted online and receiving unwanted visitors |
Lack of trust and credibility | Skepticism and apprehension about doing continued business with a company |