Privacy policy
This is our standard website privacy policy template, designed to aid compliance with data protection legislation, and now updated for the GDPR or General Data Protection Regulation.
This template includes disclosures about the categories of personal information that are collected, website cookies, the ways in which that personal information may be used, the persons to whom the personal information may be disclosed, the security measures used to protect the personal information, and much else besides.
More information about privacy policies
Our privacy policy document is designed for use in relation websites which collect and process personal information. Its purpose is to help website operators meet their obligations under UK data protection legislation. This document has been used on hundreds of thousands of websites.
The privacy policy document covers, amongst other things, the following matters:
- categories of personal information collected by the website;
- information about cookies used by the site;
- details of how personal information is used;
- identification of the legal bases for processing personal information;
- details of specific situations in which personal information may be disclosed to third parties;
- information about extra-EEA transfers of personal data; and
- information about data retention policies.
Please read the notes accompanying the privacy policy very carefully. You will of course need to adapt the privacy policy to suit your website and business. It may not be suitable for websites which collect or process large volumes of personal information or sensitive personal information; nor may it be it suitable for websites which make complex or unusual or unexpected uses of personal information.
In relation to cookies, the privacy policy includes a statement to the effect that users consent to the use of cookies. However, this will not necessarily satisfy the cookies consent requirement under the new cookie laws.
Data protection law is not straightforward, and if you are in any doubt you should take professional advice.
Our full range of privacy and cookies policies
We supply a range of privacy and cookie documents on our ecommerce websites, website-contracts.co.uk and Docular.
| Title | Description | Get the document on... | |
|---|---|---|---|
| Cookies policy | A simple policy covering cookies disclosures. |  |  |
| Privacy policy | A short-form privacy policy for data protection disclosures. | | |
| Privacy and cookies policy | A document combining the provisions of our privacy policy and cookies policy. | | |
Summary of free document licensing terms
By downloading a free legal document available on this website, you accept and agree to our terms and conditions. The main terms of the licence in the terms and conditions are as follows.
- Unless you have paid for the right to use the relevant document without the included credit (attribution) text, you must retain the credit in the free legal document.
- Subject to this point, you may edit and amend the documents to render them suitable for your purposes.
- You must not sell or re-distribute the free legal documents or derivatives thereof.
- We give no warranties or representations concerning the free legal documents, and accept no liability in relation to the use of the free legal documents.
Comments
Privacy document website
Thanks.
Business Website
I am starting a patient consultant (advocate) service. What disclaimer, privacy policy and terms and conditions would I need to put on my blog?
More information needed
I'd need to know a little more about the blog before commenting on this. Can you give me an idea of the type of content that would be included in the blog, and also whether there is any non-blog functionality on the website?
Privacy policy for website
Hello,
I am quite confused with the privacy thing in general. We are lettings agency and we just had our website created and I believe we need a privacy policy license. How do we obtain it? And how do I put it on our website?
Thanks.
Privacy policy options
There are various options.
1. You can download this document (click the button above) and use it free of charge, providing you retain the section in the document that credits us as the source of the document ("This policy is based on a template published by SEQ Legal...").
2. If you want to project a more professional image, you can buy a licence to use this template without the credit text, here:
https://www.website-contracts.co.uk/privacy-policy.html
3. If you want to edit the document online with our online editor, which makes teh job easier, use:
https://docular.net/documents/template/12/privacy-policy
4. Finally, you could ask a lawyer to produce the document for you.
The method of getting the text on to the website depends upon the technology used to create the website. NB Docular allows you to export in HTML format which can make this process quicker.
Privacy Policy for website
Thank you for your response. So just to clarify, as long as we have this document dispayed on our website and we a registered with Information
Commisioners office, we are compliant with the privacy policy act? What about cookies? Do we need that poping up in our website too? Many thanks for your help!
A template cannot ensure compliance
No, a template will never guarantee compliance. It's merely a tool. To ensure compliance you or a professional adviser needs to understand both the legislation and your business and then make the relevant disclosures and handle any other compliance points, including the best way to get consent for the use of cookies.
Privacy policy for mobile game
Hello, I am developing a good game for Android that integrates some Facebook plugins and ask for some permissions (user profile, name, picture and publish permissions). Facebook requires that my app have a web page and in that web page should be the privacy policy (this web page is created via wix.com).
Would your privacy policy template be good enough for my needs?
Thanks in advance for the help.
Good enough privacy policy?
I can never say that a template will alone be good enough. In legal terms, a privacy policy being "good enough" means enabling the business in question to comply with all relevant data protection / privacy disclosure laws. The information that needs to be disclosed by a business will vary from case to case. For example, the geographical location of your service providers might affect this. A template cannot know anything about your business, so cannot ensure compliance. You should take legal advice if you want to ensure compliance and you don't know how to do this yourself.
Privacy Policy Licence cost
How much will it cost us exactly to purchase this Privacy Policy licence without SEQ Legal author credit?
Ten pounds
It's GBP 10 inc VAT (if applicable), and available for purchase here: https://www.website-contracts.co.uk/privacy-policy.html
Basic mobile app
I have an Android mobile app that accesses the camera and so as such Googles terms require that I have a privacy policy. I store no information from the camera between sessions so this is just a requirement of compliance with Google as I don't store or use any personal information. Would you have a template to cover such situations? I think this would be very useful to many.
App-specific privacy policy
Thanks for your comment Chris.
I'm hoping to do some mobile app-specific legal templates at some point, but it won't be soon I'm afraid.
GDPR compliance
Are your Privacy Notices GDPR compliant?
Not yet
We don't generally update our templates until shortly before relevant legal changes take effect.
GDPR
The template has now been updated for GDPR, with an choice of DPA and GDPR compliant "your rights" clauses.
Not sure which policy to download
Hello, i just launched the website of my record label, a net label. Mainly I'll be offerening music distribution, remix and mastering and a promotion blog where people and artists will submit their music, photos, links of their social media, links to videos, biography, information about the artist like name, country, age.
I'm not registered as an offical company as I'm just starting and maybe in a future I will start as self employed. So basically I'm like a sole trader where I will be in charge of all the website management and deciding which artists I will be promoting. I download the privacy policy but in some points I dont have the information like:
15.2 We are registered in [England and Wales] under registration number [number], and our registered office is at [address].
15.3 Our principal place of business is at [address].
Details for sole trader
Section 15.2 can be removed as you do not have a company.
Section 15.3 however should be retained. You presumably however still have an address from which you conduct the business, even if this is your home address. You should also include your name "Joe Bloggs trading as XYZ" in the legal docs, so that users and customers can identify who they are dealing with.
I'm assuming English law applies.
Policy to download
SA law
Our documents are all designed to help compliance with English law (including EU law as applicable/implemented in the UK). As your business is based in SA, you should start with documents designed to help with SA law.
(However, in some circumstances you may also need to comply with foreign law.)
Privacy policy document
I would like to know if I can use your template for my website even if I need to translate in French.
My organisation is a limited registered in the UK, my website will be provided information about sports in France. do you think your document can support my requirement.
Translation
The SEQ licence allows you to do this, but you may need to ensure that the translated document is compliant with applicable French law. (Although data protection law is in theory harmonised across the EU, in practice there are differences.)
Fees
Useful template thanks. I notice your templates says people can access their data subject to "(a) the payment of a fee (currently fixed at GBP 10)".
I thought GDPR made it illegal to request a fee unless the request was unduly onerous or made repeatedly. Could you clarify?
Thanks
Fees for SARs
There are two alternative sections in the privacy policy dealing with data subject rights. The first is designed to help with compliance under the Data Protection Act 1998 (DPA), and should be used until the General Data Protection Regulation (GDRP) comes into force. The second is designed to help with the compliance under hte GDPR, and should be used after the GDPR comes into force. See the sections numbered 8.
The reason for including both sections is that a GDPR-compliant section would be non-compliant under the DPA, while a DPA-compliant section would be non-compliant under the GDPR. We will remove the DPA section from the template in mid-May.
Freelance Writer/Researcher
My website promotes and advertises my range of services.
I am not a registered company, just a freelancer. There is no data collection. People can contact me directly should they have use of my services.
Am I obliged to include the privacy policy and if so which one?
Thank you
Privacy policy questions
If you didn't collect personal data and if you don't use cookies on your website, then you will have nothing to say in a privacy policy. However, as people can contact you, you do in fact collect personal data (which includes names, email addresses and so on). The website may also collect personal information (which can include IP addresses).
With the GDPR, privacy policy templates almost always need heavy adaptation to fit with the particular way in which a business (acting as data controller) processes personal information. I can't really give a sensible answer to the question of "which one" without knowing much more about the website, and what you do with personal data - in practice I would need to take you on as a client to give useful guidance here.
Basic website
Thank you for all the great templates and free stuff you have on your site. You have answered lots of my questions just on this blog here. Very helpful. I will need the website privacy policy when I upgrade later in the year but for now I just need a basic privacy policy which covers the collection of contact details for written records and email newsletters. I've been to the ICO website to find a template but its a very complicated site and haven't managed to locate one on there. Your information is so much clearer and easier to navigate.
Privacy Policy compliant with GDPR for an affiliate site
Hello,
I was wondering if the template would serve for my purposes. I will only collect very basic personal information (name, email address) and use that information for follow-up purposes, etcetera. Obviously I will use cookies. I would appreciate any advice. Thank you!
Only a template
Templates are merely tools, and always and to be adapted. So, if you adapt the document appropriately, it will serve your purposes. I appreciate that this isn't very useful guidance. However, in order to assess whether a document is helping a business to comply with the law I would need to: (i) know a good deal about the business; and (ii) see the final version of the document, post editing. This is not a service I can provide alongside the templates.
Online store
Hello,
Can I use this template for online store?
Thank you
Online store privacy policy
It could be adapted for this purpose, but for a more suitable document see the "online shop" variant of this document:
https://www.website-contracts.co.uk/privacy-and-cookies-policy.html
Starting a new business
Hi, I had started a book promo business, but deleted it, when I heard about the privacy policy. I don't have any money (long story) and it's the only way for me to make any. It will be awhile before I can afford a business license. I'm only collecting emails and using PayPal for payment. Do I really need a privacy policy? Is a free template enough? Thanks, I miss the old days ... lolsighs.
Privacy policy requirement
To the extent that the business will operate under English or other EU law, then yes you do need a privacy policy or similar notice. However templates - free or otherwise - cannot guarantee compliance, and always need some level of adaptation.
Email template for GDPR policy
The privacy policy template that you have is really very well written. But is there any email template that we send it to customers informing them about the update in our privacy policy?
Email template
Sorry, I don't currently have any template text for this.
Can we use your privacy policy on a non-commerical site?
I'm looking for a privacy policy to put on a radio club website. Can we use one from yours, without paying, and without having the atribution? Spending £10 for a business is nothing, but for us, it would be around 12% of our annual income.
In that case ...
... why not use it with attribution?
Translate the attibution version
Hi, my websites are all in portuguese language. Can I use your free version and translate it into portuguese? Also want to make some changes. Do you allow me to do the changes. thank you
Yes
Yes, you are welcome to translate the document, although assuming Portuguese law applies remember to account for any differences between English law and Portuguese law.
Online system
Hi, i have a new online system which requires users to register with name/email address, company and phone number.
I have looked at your template, but this seems to be overly complicated for my scenario. There is no marketing, cookies or onward distribution or transfer of any details.
The data stored is for internal purposes only. The only time the email address is used is for signon and to update software changes.
Do you have a less comprehensive template.
Thanks, Alex
Shorter version not yet available
I don't have anything shorter right now, although it is on the list. If you go over to https://docular.net you can get access to this template through the Docular online editor, which makes removing unwanted material very easy.
useable for usa?
Hi there, are your documents for use in the united states of america?
Not for USA
Unfortunately, no: these documents are not designed to help with US legal compliance.
Privacy policy
Thanks so much for this policy! I’ve updated it for my business and have now published it on my website, which I’d dreaded doing as I didn’t know where to even start. The notes were a huge help too, so clear and informative - I’m not a lawyer but I was able to follow them easily.
Hello, I am starting an on
Hello, I am starting an on-line store selling food supplement products based in the UK but selling in other EU countries as well. Which policy documents available here do I need to put on my website? There are quite a few versions so I am a bit confused. Thank you!
Legal documents for online store
Typically, an online store will need at a minimum: (i) T&Cs of sale, to govern the contract of sale itself; (ii) T&Cs of use, to govern the relationship between the website operator and users, who may or may not be purchasing goods; and (iii) a privacy and cookies policy, to help with disclosures relating to data protection law.
Whilst we don't currently have a free version of (i) on this website, you can find free versions of all three documents on our Docular website: https://docular.net
On-line store
I understand. However, I would appreciate if you gave me a link to specific versions, especially of (i) as there are a few I can see on docular.net with different prices. Which one would be the most suitable for my on-line store? I assume the food supplements do not require any specific clauses that other products don't have? Thanks so much again!
Links
I suggest you look at these documents:
https://docular.net/documents/template/173/free-website-terms-and-condit...
https://docular.net/documents/template/5194/free-terms-and-conditions-of...
https://docular.net/documents/template/174/free-privacy-policy
These are all free, but there are paid versions if you want to remove the Docular credit/link.
This may also prove useful:
https://docular.net/documents/template/5578/consumer-contracts-model-ins...
These do not contain any special terms regarding food supplements. If I were preparing the documents, I would expect to add some special disclaimers for the product type.
Re: Free documents
Hi, I went through your suggested documents, however, there are quite a few things that are unclear there for a non-expert like myself. Are there any explanatory notes for these doucments at all? For example, in Website Terms & Conditions par. 6.1 specifies that a visitor should be a resident in the UK whereas my website is targetting other countries in the EU so how is this relevant to anyone who is a resident in other such countries? Par. 19.2 gives you a choice between "exclusive" and "non-exclusive". What is the difference and which option to choose? The Privacy Policy doc is full of the unclear choices and "specify basis" "identify URL" and "sources" to fill in.... Could you explain perhaps how to fill in these as I have no idea what basis or sources I should quote.... :-( Thanks so much in advance!
Notes icon
If you click on the little notes / document icons in Docular, then notes corresponding to the relevant provisions will appear in the right-hand column.
The templates tend to include lots of optional / removable provisions, because it is easier to remove an unwanted clause than to write a missing one. The residency clause in the T&Cs can for most websites be removed.
Regarding exclusive / non-exclusive jurisdiction: the former should be used where you want ONLY the identified courts to adjudicate disputes; the latter where you want the identified courts PLUS any others who may have jurisdiction under the applicable rules of private international law. Even where you choose exclusive jurisdictions, the courts in a different country may sometimes ignore this (e.g. to apply their own consumer protection law).
Add new comment