It’s a legal requirement to have a website privacy policy if you run a business website. Here’s what should go in one, plus download your free privacy policy template.
Website privacy policy template – free Word download
Choose to download your template now, or get it directly from Farillio’s site where you’ll also get access to their full suite of customisable legal templates.
Your email address will be used by Simply Business to keep you posted with the latest news, offers and tips. You can unsubscribe from these emails at any time. Simply Business Privacy policy.
This document has been produced by Farillio so we can’t take responsibility for its contents. We’d recommend you take professional advice before making any important decisions based on its contents.
Privacy policy for website: do I need one?
The short answer is yes, if you have a website for your business (or run any other website that collects data on visitors) then you need a website privacy policy (also called a website privacy notice).
The website privacy policy is a legal requirement that lets your website’s visitors know about how you collect, handle, store and potentially also share their personal data. It needs to comply with the UK General Data Protection Regulation (GDPR), which is now part of the Data Protection Act 2018.
Whatever the purpose of your business website, it’s likely to collect data on visitors. Even if your website is just a ‘shop window’ featuring a blog and your contact details, it’s still collecting data on visitors (for example, if you use website analytics tools, these usually give you details like how much time a user has spent on a particular page).
If your business website is an online shop, meaning that you collect personally identifiable data and take payments, then your website privacy policy will need to go into more detail. That’s because you’ll need to give your visitors details like how long you store this data.
You’ll also have responsibilities around securing this data and how to approach data breaches.
Ultimately, under the GDPR, a person has the ‘right to be informed’ about how their data are being used. This is one of the most important transparency principles of the legislation and your website privacy policy should explain this in a clear and simple way.
What do I put in my website privacy policy?
Firstly, it’s important to get to grips with the key themes of the GDPR. These should help you understand the ‘whys’ behind your website privacy policy.
Your privacy notice isn’t simply a box-ticking exercise, because as customers become more savvy about their data, they’ll favour businesses that are open and transparent about how that data is being used.
You should do a data mapping (or data audit) exercise, which will establish:
the types of data you hold
why you use them
the legal basis for using them
details of when and how you share the data
After doing this exercise, you’ll be in a good position to fill out your own website privacy policy.
How to use our website privacy policy template UK download
In our website privacy policy template, brought to you in collaboration with our partner Farillio, you’ll find general categories of data. You should explain which data you collect and how long you retain it, this includes:
identity information (including name, gender, marital status, date of birth)
contact information (including email addresses and phone numbers)
account information (including usernames and passwords)
payment information (including bank account and card details)
transaction information (including details of goods and services)
survey information (including information collected in surveys and feedback)
marketing information (including a user’s marketing and communications preferences)
website, device and technical information (including browsers and IP addresses)
You’ll also detail which ‘special information’ (if any) that you collect on your users. This is data that need more protection because they’re sensitive, and includes information like race, politics and religion.
The website privacy policy template then outlines the purpose behind collecting the data, along with the legal reason. There’s also sections on how you share the data, as well as your visitor’s rights under data protection law.
Not all parts of the privacy policy template will be applicable to all businesses. As data protection is a complex and important topic to get right, be sure to take legal advice on your business’s privacy policy and your wider data controlling activities.
Why use a Farillio template?
Farillio is a business resource website that offers customisable, downloadable legal documents for small businesses.
Small businesses have legal responsibilities, but often don’t have the resources for an in-house legal team. Farillio’s resources are designed to help you plug that gap.
Have a look at more free guides designed in partnership with Farillio:
Other useful resources for your website privacy policy
Data protection is a huge subject, so it’s a good idea to do all the research necessary to make sure you’re getting your website privacy policy right. Check out more guides and templates:
