What our customers are saying about us

Help Guide Icon

Help Guide

Every website needs to post a website privacy policy so that visitors understand how the site collects and uses their information. The following information explains the main sections and key considerations of a website privacy policy.

Note that this privacy policy may not be appropriate or may need to be supplemented for websites operating within regulated industries, such as in financial and healthcare industries.

Introduction

The "last updated" date is normally located at the top of the privacy policy. The best practice is to update this date whenever you modify the policy. Any changes you make will only apply to information collected after the revision date.

The introductory language clarifies that the policy only applies to information collected during online activities on the website and electronic correspondence, not information collected offline. By using the site, visitors agree to the terms of the privacy policy.

TRUSTe Privacy Program

If applicable, this paragraph informs visitors that your site has been awarded a TRUSTe privacy seal due to your compliance with TRUSTe's certification standards. Visitors are told to email you with any questions, and if they are not satisfied with your response they may contact TRUSTe, which will act as a liaison to help resolve the issue.

Information We Collect

This section lists the types of information you collect, including whether or not you collect "personal information." Personal information is any personally identifiable information that can be linked to specific individuals, such as names, addresses, dates or places of birth, and social security numbers.

Possible categories include the following:

  • Demographic information
  • Forum or discussion board activities
  • Product reviews
  • Search queries
  • Site feedback or suggestions
  • Surveys or polls
  • Sweepstakes or contest information
  • Billing and credit card information
  • Social security numbers

You may also add your own miscellaneous categories. You should be thorough in including all categories of information collected. Note that this document already permits you to collect certain standard categories of information, such as names, addresses, email addresses, phone numbers, personal interests, server logs, advertising interactions, online interactions, and activities on the website. It may be beneficial to preview this language in the document before adding your own categories.

This section also notifies visitors if you allow and collect account or profile information, transaction information, and user contributions such as public posts to forums or discussion boards.

Automatic Data Collection

Any automatic data collection technologies employed by your site are detailed here. These may include cookies, web beacons, flash cookies, DoubleClick DART cookies, and Google Analytics.

How We Respond to Do Not Track Signals

Here, you explain whether you track visitors' activities over time or across third-party websites and if you respond to Do Not Track (DNT) signals. DNT signals are sent by browsers to notify websites when visitors do not wish to be tracked. This section also explains whether you allow third parties (anyone else) to track visitors.

How We Use Your Information

This section lists the various ways in which you use the visitor information you collect. For instance, it notifies visitors if you sell or rent their information to others. Common uses of visitor information include to administer the site, to enforce site rules, to provide access to the site and its services, to research and analyze visitor usage data and target demographics, to maintain security, and to fulfill visitor requests. You may also use visitor information in other ways so long as you indicate the uses at the time the user submits the information or if you first receive authorization.

This section also explains that all information collected from visitors of the site belongs to you, whether or not such information is personal information, information visitors volunteer, or information passively collected (for instance, through automatic collection technologies).

How We Share Your Information

Here, you clarify the other parties that you may share visitor information with. These parties include any affiliates or subsidiaries; employees, contractors, business partners, and other third parties that provide support to the site; any new owner that receives your site's assets through a sale, liquidation, merger, or similar proceeding; and courts and government law enforcement agencies. You may also add others to this list or notify visitors of other parties that will receive specific information at the time visitors provide it.

You can optionally include third-party advertisers and ad servers or allow your site broad license to share with any third party it desires. However, to ensure that your policy stands up in court, you should tailor your privacy policy to your actual or reasonably expected privacy practices. Therefore, you should refrain from adding any parties that you will not actually share information with, limiting your list as much as possible.

Links to Other Websites

The privacy policy only applies to your website. Visitors should be aware of this when they exit your site and review the privacy policies of all sites they reach through links on your site.

Third-Party Tracking on Our Site

This section, if applicable to your site, indicates that your site allows third parties to place advertisements or other content on your site that uses tracking technologies to collect information from visitors. It then goes into more detail regarding targeted ads and whether or not they collect personal information.

Opt-Out Procedures

Visitors are told how to opt out of receiving certain communications from your site. If your site uses them, visitors may also opt out of sharing with third-party advertisers and targeted ads. Lastly, they are directed to review the relevant third-party privacy policies for any tracking technologies used on your site.

How to Access and Change Your Information

It is important that visitors are able to review, correct, and delete any personal information you collect on the site. This section provides the email address for doing so and, if your site provides accounts, explains how to update account information.

Notice of California Privacy Rights

This section is important to comply with the California "Shine the Light" law (California Civil Code Section 1798.83). California residents who use the site may request certain information regarding any disclosure of personal information to third parties for their direct marketing purposes by emailing you at the address indicated.

Security

Here, visitors are notified of your site's data security technologies and the measures you take to safeguard against unauthorized use or disclosure. For example, it explains whether you encrypt data using Secure Sockets Layer (SSL) data encryption or other technologies. Since no data transmissions can be guaranteed against loss or theft, it is important that this provision does not overstate your ability to protect data (for instance, against hacking or viruses).

Children's Privacy

Visitors must be notified about whether you collect personal information from children under 13 years of age. If so, you must state your reason for collecting such information, explain your uses of it, and notify parents or legal guardians of their related rights to review, update, and delete such information.

Changes to This Privacy Policy

You may post changes to the privacy policy at any time. However, note that any changes you make will only apply to information collected after a revision is posted. If you make any significant changes to how you collect, use, or share visitor information, then instead of just posting your changes on the privacy policy page, it is recommended that you email account holders directly and post notice in a prominent location on the site. This will make sure that your updates are legally valid should they ever be questioned in court.

Notification Procedures

You may make any notifications necessary regarding the privacy policy in whatever manner you deem appropriate (in accordance with applicable laws).

Cross-Border Data Transfers

Here, visitors agree that you may transfer visitor information to countries other than their own.

Contact Information

Lastly, visitors are told how to contact you should they have any questions, suggestions, or complaints. It is recommended that you include an address, phone number, and email address.

Ready To Get Started? Create a Website Privacy Policy

Checklist Icon

Checklist

Step 1: Gather Information

As you complete your website privacy policy, you will need to provide certain relevant information. This includes the types of information collected (if any); the types of interactions visitors have with the website, such as public posts and product purchases; and the types of tracking technologies used.

Step 2: Answer Key Questions

Use the information you collected to complete the privacy policy. We make this easy by guiding you each step of the way and helping you to customize your document to match your specific needs. The questions and information we present to you dynamically change depending on your answers and the state selected.

Step 3: Review and Post Online

It is always important to read your privacy policy thoroughly to ensure it matches your needs and is free of errors and omissions. After completing the questionnaire, you can make textual changes by downloading it in Microsoft Word. If no changes are needed, you can simply download the PDF version and sign. These downloads are available by navigating to the Documents section of your account dashboard.

Next, you need to make the privacy policy available on your website for users to read. Links to the privacy policy should be displayed throughout the site and included within your website terms of use.

Step 4: Periodically Review and Update

It is easy to forget the ins and outs of your privacy policy. Periodically reviewing it will help you stay familiar with any responsibilities or requirements so that you can determine when it needs changes or additions.

As your policies change or new laws pass, you will need to update your privacy policy. At a minimum, websites should do this every year or two, but it is often necessary to make more frequent updates.

Step 5: Complete Related Documents

Websites are also required to have a corresponding terms of use in place. Website terms of use are used to notify visitors of the general rules for using the site. LegalNature's terms of use are customizable and include language consistent with our privacy policy to provide your site with maximum legal protection.

Ready To Get Started? Create a Website Privacy Policy