Privacy Policy written on a wall

A privacy policy must set out the different areas where user privacy is concerned and outline the obligations and requirements of the users, the website and website owners. Furthermore, the way your organisation processes, stores and protects user data and information should also be detailed in a privacy policy. The policy should be made available on your organisation’s website.

What needs to be included in a privacy policy?

Here are the main points that should be addressed in a privacy policy:

Use of the cookies

Your policy should first define what cookies are and then explain what the organisation used the cookies for. It should stress that they are used to enhance the user experience and any tracking software used should also be stated.

Personal information

If your organisation requests and stores personal information, such as their name or email address, this should be made clear in the privacy policy. Under GDPR rules, individuals have the right to request a copy of this information and can request to be removed from the database at any time.

Information collection and use

How does your organisation collect information and how long is the information stored for? This should be explained in your privacy policy.

Other information to include

If your organisation uses registration forms or collects information in any other way, it will need to be made clear how the data is used and how to unsubscribe from any mailing list.

Download THE GDPR privacy policy template

Does your organisation have an up-to-date data protection policy in place? Download a free data protection policy template by clicking on the button below.

Download now