• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Legal Templates

Legal Templates
  • Business Forms
    Business & Contracts

    All of our legal contracts and documents are drafted and regularly updated by attorneys licensed in their respective jurisdictions, paralegals, or subject matter experts. Save your hard-earned money and time with Legal Templates.

    Top Business Forms
    Business Formation
    • Business Plan
    • LLC Operating Agreement
    • Articles of Incorporation
    • Corporate Bylaws
    • Buy-Sell Agreement
    Business Operations
    • Business Contract
    • Partnership Agreement
    • Non-Disclosure Agreement
    • Release of Liability
    • Letter of Intent
    Sales and Payments
    • Purchase Agreement
    • Sales Agreement
    • Invoice
    • Purchase Order
    • Business Purchase
    Employment and HR
    • Employment Contract
    • Employment Offer
    • Employment Verification
    • Freelance Contract
    • Non-Compete Agreement
    View All Business Forms
  • Real Estate Forms
    Real Estate

    All of our legal contracts and documents are drafted and regularly updated by attorneys licensed in their respective jurisdictions, paralegals, or subject matter experts. Save your hard-earned money and time with Legal Templates.

    Top Real Estate Forms
    Landlords
    • Lease Agreement
    • Property Management
    • Eviction Notice
    • Late Rent Notice
    • Lease Termination
    Tenants
    • Room Rental
    • Sublease Agreement
    • Roommate Agreement
    • Notice to Vacate
    • Early Lease Termination
    Home Ownership
    • Real Estate Purchase Agreement
    • Mortgage Deed
    • Quitclaim Deed
    • Deed of Trust
    • Moving Checklist
    View all Real Estate Forms
  • Personal & Family Forms
    Personal and Family

    All of our legal contracts and documents are drafted and regularly updated by attorneys licensed in their respective jurisdictions, paralegals, or subject matter experts. Save your hard-earned money and time with Legal Templates.

    Top Personal and Family Forms
    Estate Planning
    • Power of Attorney
    • Last Will & Testament
    • Living Will
    • Advance Directive
    • DNR Form
    Personal Finance
    • Bill of Sale
    • Loan Agreement
    • Purchase Agreement
    • Promissory Note
    • Sales Agreement
    Family Matters
    • Parenting Plan
    • Child Travel Consent
    • Divorce Agreement
    • Separation Agreement
    • Prenuptial Agreement
    Affidavits
    • General Affidavit
    • Gift Affidavit
    • Affidavit of Identity
    • Affidavit of Residence
    • Affidavit of Death
    View All Personal Forms
  • Support
    Resources
    • Business
    • Real Estate
    • Personal and Family
    • Financial
    • Estate Planning
    Support
    • About Us
    • Careers
    • Contact Us
    • All Legal Documents

    Monday - Friday | 9AM - 7PM EDT

    (855) 335-9779

  • Sign In
  • :email

Home Business Documents Privacy Policy

Free Privacy Policy Template

Use our Privacy Policy template to create a privacy policy for your website or app.

Updated October 28, 2022

A Privacy Policy is used to how your website collects, uses, shares, and sells the personal information of site visitors. Learn what should be included in a privacy policy and download a privacy policy template in PDF or Word format below.

Table of Contents
  • What is a Privacy Policy?
  • Who Needs a Privacy Policy?
  • Why You Need a Privacy Policy
  • What is Included in a Privacy Policy?
  • Privacy Policy Sample
  • Example Privacy Policies
  • Does My Website Need a Privacy Policy?
  • Consequences of Not Having a Privacy Policy
  • Privacy Policy FAQs

What is a Privacy Policy?

A Privacy Policy is a document or statement that describes how a company gathers, uses, manages, and releases the information of customers or visitors to its website. By accessing the company’s website, users accept to have their information collected and disclosed in accordance with the company’s Privacy Policy.

A Privacy Policy may also be called:

  • Privacy Statement
  • Internet Privacy Policy
  • Website Privacy Policy
  • Privacy Notice
  • Privacy Page
  • Privacy Information Policy

Who Needs a Privacy Policy?

If you have an online presence, you should have a privacy policy in place. Just about every website needs to have a privacy policy that specifies the information you collected from your users and how you use it. A few examples of who else needs a privacy policy include:

  • Blogs
  • E-commerce stores
  • Mobile apps
  • Social media apps

Why You Need a Privacy Policy

There are several significant reasons why you need a privacy policy. Some of the biggest reasons include:

A Privacy Policy is Required by Law 

One of the first reasons why you need to have a strong privacy policy is that it is required by law in many places. Privacy laws have been instituted by numerous countries all over the world. They include:

  • Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA): This act requires all websites in Canada to specify how information is circulated and exchanged online while also establishing rules that govern the collection and disclosure of personal information by websites.
  • Europe’s General Data Protection Regulation (GDPR): Anyone who goes to Europe and visits a website will immediately see a pop-up prompting someone to specify the cookies they are comfortable with. This law is designed to place users in control of how their information is collected and used.
  • Australia’s Privacy Act: Australia also has a similar privacy act and place that requires websites to disclose how they collect and use the personal information of their visitors.
  • The UK’s Data Protection Act: This app is very similar to the act in mainland Europe, and it requires websites to place users in control of how cookies are used on their computers, how their personal information is collected, and how their personal information can be used. The goal is to make sure all information is used lawfully and transparently.
  • The California Online Privacy Protection Act (CalOPPA): This law was passed in 2004 and amended in 2013. It requires all commercial websites to have a privacy policy on their websites.
  • The California Consumer Privacy Act (CCPA): This act applies to most businesses operating for profit in California. It gives users the right to know, the right to delete, and the right to opt-out of the selection or sale of their personal information.

A Privacy Policy is Required by Third-Party Services

You should also have a privacy policy on your website because there are many third-party services that require you to have one. If you want your website to have access to valuable third-party services, you must have a privacy policy in place. There are plenty of examples of third parties that require you to have a privacy policy before they will let you use their services.

Some of the top examples include:

  • The Google Play Store
  • Google Analytics
  • Google AdSense
  • Amazon Associates
  • Google AdWords
  • Facebook
  • The Apple App Store

There are plenty of reasons these third-party services might require you to have a privacy policy. The biggest reason is that they will place cookies on the computers of your visitors. Cookies allow them to track the online behavior of your visitors, but they need to make sure that they comply with federal rules and regulations as well.

Therefore, if you use their services, and they place cookies on the computers of your visitors, but your visitors are not aware of it, they could also be held liable. Therefore, by having a privacy policy in place, you will let your visitors know that your third-party services could place cookies on their computers. Ideally, you should also give your visitors an opportunity to opt out of this process. It is critical for you to review your privacy policy to make sure it complies with any third-party services you might use.

Increased Transparency

Finally, you should also have a strong privacy policy in place because it leads to increased transparency. Today, consumers are more aware of how their information is collected and used. They are less likely to use a website that appears to be dishonest, opaque, or untrustworthy. If you have a privacy policy in place, you show that you are open and transparent with your visitors, and you can develop a stronger relationship with them.

Already, there are web browsers popping up that promise not to collect or use any personal information. One of the most popular options DuckDuckGo, and another one is Brave. While some people might be okay with you collecting some information, you need to make sure they know that they are in control. The best way to do so is to be open and honest with a comprehensive privacy policy in place.

What is Included in a Privacy Policy?

There are a number of elements you should include in your privacy policy:

1. Information

A Privacy Policy will describe what information a website or app collects. In general, websites collect two types of information – personally-identifying information and non-personally-identifying information.

  • Personally-identifying information is any information that on its own can be used to identify a specific person. Some examples of personally-identifying information include a person’s name, date of birth, address, email address, marital status, financial records, and medical history.
  • Non-personally identifying information is information that, without the aid of additional information, cannot be directly associated with a specific person. Some examples of non-personally identifying information include a person’s internet protocol (IP) address, browser type, and location of other websites viewed before arriving at the website.

2. Collection

The Privacy Policy will also describe how the company collects both personally-identifying information and non-personally-identifying information. This information can be collected by the website in a number of ways. The most common ways are:

User input: If a website requires users to register, users will usually have to provide personally-identifying information, such as their name, address, telephone number, email address, age, and/or credit card number. In addition, a website might ask for other information from the user, such as interests, gender, user name, and other demographic information.

Derivative data: Most websites collect non-personally identifying information that web browsers make available, including the user’s IP address, operating system, browsing history, and statistical data.

Web cookies: Web cookies are small text files that are stored on a user’s computer. Each time the user submits a query to the website, the user’s web browser sends the text file back to the website, allowing the website to keep track of users, remember important information and customize web pages.

Web beacons: A web beacon is a small file embedded in an email or web page that allows websites to invisibly monitor a user and see if the user has viewed their content.

Social media: If users can connect their social media accounts to the website, certain information may be disclosed by the social media network to the website.

3. Use

A Privacy Policy must also disclose how the company uses the information that it has collected. Some of the ways websites use the information of their customers include:

General use: In general, websites will use the information it collects to help provide and deliver the services of the website and manage and maintain the website.

Email communications: Companies will often use their customers’ names and email addresses to deliver notices and announcements to those customers.

Analytics: A helpful tool for companies is to be able to track and analyze the activities of their users and the traffic on their website. Companies can use third-party vendors to allow such tracking data on their websites.

If your company uses Google Analytics to track and report website activity and traffic, you are required by Google to have specific disclosures in your Privacy Policy explaining the use of these services.

4. Disclosure

Lastly, a Privacy Policy must state how the company discloses any information of its customers, including, but limited to:

By law: Companies will have to disclose personal information if it is required by law.

Marketing: Sometimes companies will sell or give their customers’ email addresses to third parties who may send emails about additional products and services.

Business partners and affiliates: Personal information can also be shared with business partners and affiliates.

Third-party service providers: Companies will sometimes need to share personal information with third-party service providers that help them with the business, such as credit card processors.

Your Privacy Policy should also disclose the methods being used to keep your customer’s information safe.

Privacy Policy Sample

Here’s what a typical privacy policy looks like:

Privacy Policy example form

Download PDF
Download MS Word

Example Privacy Policies

There are plenty of websites that have strong privacy policies in place.

The New York Times

The privacy policy from The New York Times, has several sections, including:

  • What Information Do We Gather About You?
  • What Are Your Rights?
  • What About Links to Third Party Services?
  • How Do You Protect My Information?

These sections have very clear questions that the privacy policy then answers. These are designed to be common questions that people might ask The New York Times about their data collection methods. Even though the privacy policy is very in-depth, the sections make it easy for people to find the information they are looking for.

Reddit

Another privacy policy example is from Reddit. You can find the Reddit privacy policy at the bottom of their homepage, and it is also broken up into several sections. They include:

  • What We Collect
  • What We Collect (and How it is Used and Shared)
  • Your Choices
  • Your Rights

They decide not to phrase their sections in terms of questions, but the privacy policy is still laid out very clearly. It is significantly shorter than many other privacy policies, but it still contains the most important information people care about. The headers are very clear, making it easy for people to find the information they need.

Does My Website Need a Privacy Policy?

While there is no federal law in the United States requiring that websites establish a Privacy Policy, many states, and most other countries, require a website that collects and stores any personal information from its users to have one.

In the United States, the Federal Trade Commission (FTC) regulates laws and policies regarding the privacy practices of businesses and the protection of their customers’ personal information. The FTC also helps to enforce federal laws concerning the privacy of customers’ information, including the following:

  • Fair Credit Reporting Act (FCRA), limits how companies can obtain and use a customer’s credit and background reports.
  • Gramm-Leach-Bliley Act, requires financial institutions to clearly explain their information-sharing practices and also restricts the sharing and use of specific financial information.
  • Health Insurance Portability and Accountability Act (HIPAA) created a “Privacy Rule” that establishes a national set of standards of how health care service providers can use an individual’s protected health information.
  • Children’s Online Privacy Protection Act (COPPA), requires websites that target and/or collect information from children under the age of 13 to post a Privacy Policy that complies with the COPPA requirements and also implements certain parental notice and consent requirements.

In 2012, the FTC released a report with guidance on Privacy Policy best practices for websites.

Even if your company or website is not in a jurisdiction that requires a privacy policy, the reach of your website may subject it to the laws of other states and countries. For example, California has enacted the California Online Privacy Protection Act of 2003 (CALOPPA) which requires any website collecting personal information to have a Privacy Policy posted on its website that is easily accessible to its users. Even if your website is not run in California, CALOPPA applies to any website that collects personal information from a California resident. Therefore it is likely that your website will be subject to the CALOPPA regulations.

The European Union has more established laws regarding privacy protection, including the Data Protection Directive (95/46/EC) and the E-Privacy Directive (2002/58/EC). These directives state that the personal information of European Union residents can only be transferred to countries outside of the European Union that have policies with an adequate level of protection.

Therefore, if you are a website that gathers, stores, or uses personal information and data from clients and users, you should have a Privacy Policy for your website. You also need to make sure that you adhere to the promises and disclosures set forth in that policy.

Consequences of Not Having a Privacy Policy

If you are a company without a Privacy Policy on your website, you risk violating various laws regarding privacy disclosure and maintenance requirements and may be subject to civil and criminal lawsuits and hefty fines.

If you are a website user or client who chooses to access a website that does not have a Privacy Policy or who fails to read the posted policy about how that website will handle your private information, you risk sharing and exposing personal information and having it end up in the hands of complete strangers. Financial and social consequences can be severe if things like your credit card or social security number are leaked and circulated.

A Privacy Policy can help prevent the following for both companies and users:

CompanyUser
Paying hefty fines or having your website shut downHaving your financial information shared and used for fraudulent transactions
Being sued by users for improper disclosure of personal informationHaving your social information posted online and used for illegal activity, character assassination, or unapproved use
Compromising a user’s personal safetyHaving your location data posted online and receiving unwanted visitors
Lack of trust and credibility Skepticism and apprehension about doing continued business with a company

Privacy Policy FAQs

How often should Privacy Policies be updated?


You should review and update your privacy policy at least once a year to make sure it’s in line with your current data management practices.

An outdated privacy policy can risk big lawsuits if a customer discovers their data is being used, shared, or sold differently from what your existing privacy policy outlines.

Review your privacy policy regularly, notify your customers of any changes that could impact their privacy, and ensure you stay compliant with all data privacy regulations.

Can I copy a Privacy Policy?


No you should not copy a privacy policy and use it as your own. You need to ensure your privacy policy is compliant with data privacy regulations and should be specific to your website’s data-handling practices.

You can use a privacy policy template to avoid copying one, this way you just need to fill in the blanks.

Where do I display my Privacy Policy?


You should have a separate page on your website that is dedicated to your privacy policy, but you need to make it as easy as possible for your visitors to find it. For example, you may want to have a link to your privacy policy from your website menu. You may also want to provide links to your privacy policy on your sign-up forms, at the bottom of most of your pages, and on the checkout page if you run an eCommerce business. There are plenty of privacy policy examples that will give you ideas about where to display your privacy policy. 

Is a Privacy Policy required by law?


Yes, a privacy policy is required by law under guidelines that have been published by the federal government. The federal government requires websites to inform their visitors about how they collect, share, use, and protect their personal information. You need to be open, honest, and transparent about the information you protect, in addition to following all federal guidelines regarding how your website uses personal information. It can be helpful to take a look at a free privacy policy template to make sure your business is compliant with all rules and regulations in your industry.

Is a Privacy Policy required by third-party services?


A privacy policy is required by many third-party services, but not every third-party service. For example, if you are using an email newsletter service to distribute information to people on a subscription list, they may require you to have a privacy policy before you are allowed to use their service. Because a privacy policy is typically required by the federal government, third-party services should be fine with the privacy policy you have in place as long as it is compliant with all federal rules and regulations. 

Do I need a Privacy Policy even if I don’t collect personal information?


Even if you do not collect personal information from your visitors, you still need to have a strong privacy policy in place. A privacy policy will make it easier for you to encourage customer loyalty because they will know that your brand cares about their personal information. A privacy policy can also help your business appear more professional and trustworthy. If you don’t collect any personal information, it does not have to be that long or complicated. 

Do I need a Privacy Policy even if I don’t collect personal information?


Even if you do not collect personal information from your visitors, you still need to have a strong privacy policy in place. A privacy policy will make it easier for you to encourage customer loyalty because they will know that your brand cares about their personal information. A privacy policy can also help your business appear more professional and trustworthy. If you don’t collect any personal information, it does not have to be that long or complicated. 

How do I make my Privacy Policy enforceable?


To make your privacy policy enforceable, there are a few steps you should follow. First, you need to make your privacy policy easy to understand. That way, there’s no room for debate regarding what the privacy policy covers. You should also update your privacy policy regularly to reflect changes in your business, your protocols, and the law. Then, do not forget to notify your users of these updates, and make sure you put an effective date on the policy.

How often do I need to update my Privacy Policy?


You should review your privacy policy at least once per year to make sure it still matches the products and services you provide. If there are big changes in federal rules and regulations, review your privacy policy to make sure it is still accurate. If you plan on launching a new product or service, or if you change the way you use visitor data, you need to update your privacy policy accordingly.

Can I download a sample Privacy Policy template? 


Yes, you can download a sample privacy policy template with Legal Templates. A privacy policy template can act as a strong skeleton for your own privacy policy. Do not forget to review your privacy policy from time to time to make sure nothing is overlooked. 

Related Business Operations Documents

  • Terms of Use Agreement: A written set of rules and regulations between the User and the Company in order to use the Company’s website and services.
  • Hold Harmless (Indemnity) Agreement: A legal document that transfers risk from one party, the Promisee, to another party, the Promisor.
  • Release of Liability Form (Waiver): Use a Release of Liability (Waiver Form) to prohibit one party from suing another in the event of an accident.
  • Social Media Policy: A document detailing the guidelines and requirements for your company's social media use.
Privacy Policy example form

Free Privacy Policy Template

Create Your Privacy Policy in Minutes!

Legal Documents

  • All Legal Forms
  • Business Forms
  • Real Estate Forms
  • Personal and Family Forms

Popular Forms

  • Lease Agreements
  • Power of Attorney Forms
  • Eviction Notice
  • Living Will
  • Non-Disclosure Agreement

Resources

  • Legal Resources
  • Business
  • Real Estate
  • Personal & Family
  • Estate Planning
  • Financial
  • Covid-19 Resources

Company

  • Pricing
  • About Us
  • Careers
  • Contact Us
  • Partner With Us
  • Legal Dictionary

Users

  • Account
  • Terms of Use
  • Privacy Policy
  • Do Not Sell My Personal Information
McAfee - Together is power.
Trustpilot
BBB Accredited Business

(855) 335-9779, Monday-Friday, 9AM - 7PM EDT

Facebook Twitter LinkedIn

Copyright 2023 Legal Templates LLC. Legal Templates LLC is not a lawyer, or a law firm and does not engage in the practice of law. Legal Templates cannot and does not provide legal advice or legal representation. All information, software and services provided on the site are for informational purposes and self-help only and are not intended to be a substitute for a lawyer or professional legal advice. Use of this site is subject to our Terms of Use. Legaltemplates.net is owned and operated by Resume Technologies Limited, London with offices in London United Kingdom.”

Esc

Free Privacy Policy Template

Privacy Policy example form

The document above is a sample. Please note that the language you see here may change depending on your answers to the document questionnaire.

Fill in the details

Thank you for downloading one of our free legal templates!

Would you leave us a review?

We hope you've found what you need and are able to avoid the time, costs, and stress associated with dealing with a lawyer.

A review would mean the world to us (it only takes about 15 seconds).

Please check your download folder for MS Word or open tabs for PDF so you can access your FREE Legal Template Sample

Thanks again, and good luck!

Leave My Review