how to write privacy policy

In this article, we will discuss the elements of a Privacy Policy to help you better understand the constructs of an effective Privacy Policy agreement that instills faith and trust in your visitors, readers, audience, customers and protects you from a number of liability issues.

What Is Privacy Policy?

Privacy Policy is the document that outlines which information about the users you collect, where this information is stored, and how it will be treated. Chances are when operating your website or a mobile app, you will need to collect, process, and store private user information. When doing it, you will have to comply with the privacy laws of the country where you operate or the country where your users come from. The first step in making your service compliant – is creating and publishing the privacy policy for your website or application.

The exact contents of a certain privacy policy will depend upon the applicable law and may need to address requirements across geographical boundaries and legal jurisdictions. Most countries have their own legislation and guidelines of who is covered, what information can be collected, and what it can be used for. In general, data protection laws in Europe cover the private sector, as well as the public sector. Their privacy laws apply not only to government operations but also to private enterprises and commercial transactions

Do you have a website, blog, or app on the internet? If yes, then you absolutely need to have a Privacy Policy for it. Today, online privacy is more important than ever. Everyone should care about privacy and comply with the privacy laws of the respective jurisdiction.

Many countries have enacted information privacy laws that you are required to follow if you collect information about your users. Likely, your website or mobile app collects, at the very least, the names and email addresses of your users. Often online services ask for more information such as phone number, residential address, location, financial details, etc.

Privacy Policy History

In 1968, the Council of Europe began to study the effects of technology on human rights, recognizing the new threats posed by computer technology that could link and transmit in ways not widely available before. In 1969 the Organisation for Economic Co-operation and Development (OECD) began to examine the implications of personal information leaving the country.

All this led the council to recommend that policy be developed to protect personal data held by both the private and public sectors, leading to Convention 108. In 1981, the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108) was introduced. One of the first privacy laws ever enacted was the Swedish Data Act in 1973, followed by the West German Data Protection Act in 1977 and the French Law on Informatics, Data Banks and Freedoms in 1978.

In the United States, concern over privacy policy starting around the late 1960s and 1970s led to the passage of the Fair Credit Reporting Act. Although this act was not designed to be a privacy law, the act gave consumers the opportunity to examine their credit files and correct errors. It also placed restrictions on the use of information in credit records.

Several congressional study groups in the late 1960s examined the growing ease with which automated personal information could be gathered and matched with other information. One such group was an advisory committee of the United States Department of Health and Human Services, which in 1973 drafted a code of principles called the Fair Information Practices. The work of the advisory committee led to the Privacy Act in 1974. The United States signed the Organisation for Economic Co-operation and Development guidelines in 1980.

In Canada, a Privacy Commissioner of Canada was established under the Canadian Human Rights Act in 1977. In 1982, the appointment of a Privacy Commissioner was part of the new Privacy Act. Canada signed the OECD guidelines in 1984.

Personal information about an individual may include the following:

  • Name
  • Address
  • Email
  • Phone number
  • Age
  • Sex
  • Marital status
  • Race
  • Nationality
  • Religious beliefs

Why Do I Need a Privacy Policy Statement? Privacy Policy statement is needed for every website
First of all, you need a Privacy Policy statement for your website or app to make a written commitment to guarding the privacy of your users. When collecting private information, you become responsible for this data.

Depending on the countries where you are incorporated or operate, you might be subject to the privacy laws, that in most cases, would require you to have a written and published Privacy Policy. If you decide to publish your app in the app stores, start accepting the payments or monetize your website using ads, you will also likely need to provide the link to the privacy policy of your service.

When operating a website or mobile app, you should be ready to answer questions that your users, business partners, or authorities might have about the privacy policy of your service. If you work with other businesses, you will likely need to share with them your privacy policy and make sure you abide by it.

Around the world, laws and regulations have been developed for the protection of data related to government, education, health, children, consumers, financial institutions, etc.

This data is critical to the person it belongs to. Data privacy and security binds individuals and industries together and runs complex systems in our society. From credit card numbers and social security numbers to email addresses and phone numbers, our sensitive, personally identifiable information is important. This sort of information in unreliable hands can potentially have far-reaching consequences.

Companies or websites that handle customer information are required to publish their Privacy Policies on their business websites. If you own a website, web app, mobile app or desktop app that collects or processes user data, you most certainly will have to post a Privacy Policy on your website (or give in-app access to the full Privacy Policy agreement).

There are several reasons for a website to post its Privacy Policy agreement on its website.

Here are some of the main reasons:

  • Required by the law
  • Required by third party services
  • Increases Transparency

Let’s take a look at each of these reasons in more depth.

A Privacy Policy is Required by the Law

For individuals to feel comfortable sharing their personal information on the internet, there should be some sort of legal responsibility on businesses to protect that data and keep the users informed about the status and health of their information.

Countries around the world have realized the need to protect their citizens’ data and privacy. Businesses and websites that collect and/or process customer information are required to publish and abide by a Privacy Policy agreement.

A majority of countries have already enacted laws to protect their users’ data security and privacy. These laws require businesses to obtain explicit consent from users whose data they will store or process.

A few of these laws include the following:

For a business or a website that collects and processes user information in a certain region or country, it is very important to have complete knowledge of the data and privacy protection laws enforced in that region and the region your customers and end users are in. Non-compliance with these laws can result in hefty fines or even prosecution against the violator.

In some cases, businesses have to follow laws specific to states or regulations specific to industries.

While data protection and privacy laws differ from region to region, a Privacy Policy must comprehensively inform its users about how their data will be used.

For example, the GDPR is currently the most robust privacy legislation in the world and one of its main requirements for any business that falls under its jurisdiction is to have a GDPR-compliant Privacy Policy that contains some very specific information and is written in an easy-to-understand way.

Whether your website is a self-help blog or a game hosted at Google Play, it is your responsibility to give your end users complete information about how any associated third-parties will collect and process their data and (if possible) to what purpose.

A Privacy Policy is Required by Third Party Services

Apart from governing laws, some websites like Apple, Amazon, and Google require website and app owners to post a Privacy Policy agreement if they use any of their services.

Many websites and apps use in-page/in-app advertising by third parties to generate revenue. As these ads also collect user data, third parties require the websites or apps to ask their users’ permission for sharing their personal data. If you are a Google app developer, the Privacy Policy Guidance requires that you inform your users about what data you collect, why you collect it, and what you do with it.

Some of the most popular third party services require website and app owners to post Privacy Policy agreements on their websites. Some of these services include:

  • Amazon Affiliates
  • ClickBank
  • Google Play Store
  • Google Analytics
  • Google AdSense
  • Google AdWords
  • Facebook Apps
  • Twitter Lead Generation
  • Apple’s App Store

Third-party vendors like Google, Facebook, and Amazon require their users (website and app owners) to explicitly inform their users if they’re using advertising features, cookies, or tracking services on their websites/apps in order to deliver better user experiences based on prior browsing behavior.

A Privacy Policy For Increased Transparency

Companies whose business models revolve around handling sensitive customer information find it incredibly important to establish trust with their users. A clear and comprehensive Privacy Policy agreement that tells users exactly what information the company collects and what it does with that information inspires confidence in a business. It gives users a sense of security knowing how much control they have over their personal data under the conditions they sign up for.

Your Privacy Policy agreement should inform your users about how your website or app handles their personal information. Your users must be also be informed about the reason for the collection of information, as well as how long their data will be stored on your servers.

Even if you don’t collect personal information, you should disclose this fact in a Privacy Policy. It helps with transparency because users expect to see a Privacy Policy. If you don’t have one at all, users may assume you’re collecting a lot of personal information and not disclosing it rather than not collecting any.

How To Generate Privacy Policy With Privacy Policy Generator

There are a lot of online tools you can use to generate privacy policy for your website or app. One of them is the privacy policy generator, a free online tool that will help you create privacy policy for your site or app. All that you need is to provide few information and the privacy policy generator will the rest of the work. So let get started!

Step 1: Visit the privacy policy generator:

The first page that comes says “Privacy Policy Generator, Get FREE Privacy Policy Now!, Answer Only8 Questions To Get GDPR Compliant Privacy Policy In Under 3 Minutes!”

The first of the 8 questions is “What is your website domain name”? Kindly provide the answer in the space below it and hit the next button.

Domain Name In Privacy Policy

After you hit the next button above you’ll be taken to the second page. The question on the second page is “What is your company name? ” Here, use your official company name. If you don’t have a registered company name yet, just use your website name, App Name, Blog Name, Brand Name, Product or service instead. Don’t forget to hit the next button when done!

Company Name In Privacy Policy

The next page is to comes with the question “In which country do you store and process user personal data?” Here, you to Specify the country where your servers are physically located. Just put in the country in which your server is located and hit the next button.

Server Location In Privacy Policy

The next page asks whether you accept payments on site or app. Choose “Yes” if you do otherwise select “No” and hit the next button to continue with the process.

Payments information In Privacy Policy

On the next page, choose “Yes” if you show ads on the site or app, otherwise select “No” and hit the next button to proceed.

ads information in privacy policy

Determine if required by law or by a government agency, you will disclose the personal information of users to law enforcement agents? choose “Yes” if you will, otherwise select “No” to decline, hit next to continue.

disclosure of information in privacy policy

If you ask your users for location information, Select “Yes” otherwise, select “No” , hit the next button to continue.

location information in privacy policy

Choose the “Effective” date for your privacy policy and your email address in the required spaces provided respectively. Hit the “finish” button to get your privacy policy.

effective date and email address in privacy policy

Now that you’re done with the process, just copy the privacy policy to your clipboard, head over to your site or where appropriate and paste it there. You’re done! Alternatively, just highlight the content provided and copy and paste it to where appropriate!

 Privacy Policy Generator

How To Write Privacy Policy From Scratch

IF you don’t want to use the privacy policy generator, follow the guidance below the write yours from scratch. To be transparent with your users about what personal information you collect and what you do with it, you are required to publish a Privacy Policy agreement on your website or give in-app access to it.

Websites usually post a link to the complete Privacy Policy agreement from the footer of the website, whereas apps generally add the Privacy Policy to an “About” or “Legal” menu.

Another popular location for eCommerce store apps and websites is the checkout page, or account registration page if you don’t have an eCommerce component but allow users to create accounts.

Example of Privacy Policy

Examples of Useful Clauses for Your Privacy Policy

Your Privacy Policy must be accurate and easily comprehensible, with all the necessary information required by laws and for transparency.

Generally speaking, every Privacy Policy agreement should have at least the following clauses:

  • What information is collected and how
  • How is the information used
  • How is the information stored and protected
  • Company contact information
  • Use of cookies, log files and tracking
  • How a user can opt out of data collection/usage

Here’s each one in action.

What Information is Collected and How

Privacy Policy agreements inform users what information is collected from them. This includes information users voluntarily and actively provide when they register to use services, as well as information that may be collected from them automatically, such as through the use of cookies.

You can define how you classify information e.g. public, private, or personal information. This helps the user know exactly what these terms means in the rest of the Privacy Policy document.

How the Information is Used

One of the main purposes of Privacy Policy agreements is to explain to users how the information the business collects is used.

How the Information is Stored and Protected

Another important clause to include in your Privacy Policy agreement is about how you store and protect the information you collect from your site’s visitors. You can explain the different ways you store information and what measures you take to protect that information.

Company Contact Information

As a business owner, it’s important that you include your company’s contact information in your Privacy Policy agreement. Generally, contact information is added at the end of the Privacy Policy and contains a physical (street) address, email address, and/or phone number. The more contact information that you can provide, the better.

Use of Cookies, Log Files and Tracking

Websites and apps use cookies to store user information, provide users with personalized experiences and collect their users’ web history. Other websites may make other uses of cookies and may even choose to give third parties access to those cookies.

In any case, website owners are required to inform their users about the tools the company uses to collect user information and track their behavior, including cookies.

Most websites and app owners use log files to automatically collect and store information about their users’ IP address, browser, data/time, etc. and use it for different purposes.

Opt-Out Policy Clause

Apps and websites should inform their customers about their right to opt-out of certain aspects or services offered by a website.


Regardless of whether you own a website or app that collects, processes, and/or stores user information, you have certain responsibilities to your users. The most primary responsibilities on your part as a website owner are to keep their personal data secure, protect their privacy to the best of your ability, and to keep them informed about how their data will be stored and processed by providing a Privacy Policy.


  1. Thank you, I have just been looking for information about this topic for ages and yours is the greatest I’ve discovered till now. But, what concerning the bottom line? Are you sure about the source?


Please enter your comment!
Please enter your name here