- GDPR & CCPA compliant free tool
- Simple and clean pre-built template
- Customize and add clauses as required
- No PDFs or downloads, simply copy-paste the text/HTML
When it comes to websites, privacy is a two-way street. A website owner must protect the privacy of their visitors, but also needs to make sure that their visitors are aware of how they intend to use their information. Think about the possible violations of privacy on your site and develop policies to prevent them.
1. Create a CookieYes account
Sign up for free on CookieYes and verify your email address to complete registration.
2. Fill in details
Privacy policies are the first line of defense for your business. They are critical to protecting your customers’ privacy and ensuring that you can continue to provide them with the high-quality services they’ve come to expect from you. Once a user reads through these policies, they should understand how their data will be used.
What information do you collect and why
How does your site collect personal data about its users? What kinds of information does it collect? Does this include sensitive data? It should go into as much detail as possible about what exactly you collect and why you need it.
The more clear you are about your practices, the less likely people will be to have concerns about being able to trust your site.
How do you collect, use and disclose information
This section should describe all the ways in which your site or application collects, uses, and discloses personal data. What are all the ways in which your site or application uses user data? Do they sell it? Do they share it with third parties? Do they use it only internally? You should explicitly state any exceptions as well.
Data sharing and third-party access
How long the data is retained
How the site protects personal data
This section should describe the ways in which the website secures personal data, such as encryption of transmitted data, password protection and authentication methods for accessing personal data, and procedures for disposing of personal data.
Rights over personal data
The policy should clearly state the rights users have over their data and how they can exercise those rights. The policy should also clearly explain what kinds of requests users can make and if there are any limitations on those requests, as per applicable law.
How to control personal data
A description of how people can opt out of having their data collected by the website or app, including instructions on how to do so (for example, by using browser settings or site features).
How to contact you
Place the link in the right places
Art. 13 and 14 of GDPR list the information you need to provide if your business is subject to the law. This applies to privacy policies as well and includes all the sections we explained earlier.
The CCPA (California Consumer Privacy Act) is a US state law that applies to all businesses that collect personal information about California residents.
Infogrid explains in detail what information it collects from its users.
CookieYes uses a tabular format to list the purpose of collecting and using personal data and the legal basis for them.
BeeBlum explains the rights users have over their data and how they can review and exercise them.
- A description of what information you collect from users.
- Why and how you collect personal information from users.
- How and why do you share user data with third parties.
- How long do you keep user data.
- Opt-out options available to users regarding the collection of their data.
- Information about the security measures in place to protect personal data.
You can copy the policy as text or HTML and add it to your website.
Here are a few helpful guides for you to get started: