Have a Website? You Need a Privacy Policy. Here’s Why

— February 19, 2018

Earning an income from your blog is a much easier venture than starting a traditional business and you don’t have to check zoning laws or apply for building permits. However, that doesn’t mean there aren’t legal requirements you need to comply with.

One of the most inconspicuous but necessary legal requirement is the privacy policy, and this applies to all websites, big or small. If you’re a small business or even just a blogger earning no income from your website and aren’t sure why on earth in the first place you’d need one, you might be surprised.

Chances are quite high that you might be (even if you’re not really aware of it) – collecting various forms of information from your visitors, tracking them with analytics, or displaying ads. For many of these activities, the chances are quite high that you’re required to have a privacy policy.

What Exactly Is a Privacy Policy?

A privacy policy is a document that details what personal information you collect from your users, how you use it, and how you keep it private.

The exact contents required will depend on the applicable laws or policies. Also, the definition of what constitutes “personal information” varies, but it often includes names and email addresses, and sometimes IP addresses and browser cookies.

In the information age, data is the new currency. Private information on individuals is very valuable to advertisers, businesses, and governments.

Today, many countries consider privacy to be a fundamental human right, and have passed legislation to protect individuals from their information being collected and used without their knowledge. Data privacy laws usually require that anyone collecting personal information via their website needs to have a statement on how and why they do so.

According to many privacy laws, you can be fined or even prosecuted if you collect personal information without informing your users, or if you violate your own privacy policy.


Australia’s Privacy Principles (APPs) is a collection of 13 principles guiding the handling of personal information. According to these principles, you must manage personal information in an open and transparent way.

European Union Data Protection Directive of 1998 states that anyone processing personal data needs must do so in a fair and lawful manner. In order for the data collection to be considered lawful, data can only be collected for specified, explicit and legitimate purposes.

U.K. Privacy and Electronic Communications Regulations 2003 restricts the use of cookies and similar technologies on a users’ devices unless users 1) are clear about the purpose of the usage of cookies and 2) have given their consent.

Do All Websites Need a Privacy Policy?

Here are some possibilities on why you might need a privacy policy:

  1. It may be required by law. Dozens of countries around the world have laws requiring privacy policies if you live in their jurisdiction, or if you collect information from their citizens.
  2. You may be required to by a third-party service. Many services that collect information through your site, such as Google AdSense and Amazon Affiliates, require you to have a privacy policy as well.
  3. It’s the right thing to do. Being transparent and sharing honest information about what data you collect and how you use it goes a long way towards establishing trust with your users. Collecting and using their data in secret is deceitful and devious – which is why it’s illegal in many countries.

If you’re not sure whether or not you need a privacy policy, it’s better to be safe than sorry.

What Should Be Included?

When creating a privacy policy, the exact information required will depend on the applicable laws or policies.

In general, most privacy policy laws require you to inform your users of:

  • Your name (or business name), location, and contact information
  • What information you’re collecting from them (including names, email addresses, IP addresses, and any other information)
  • How you’re collecting their information, and what you’re going to use it for
  • How you’re keeping their information safe
  • Whether or not it’s optional for them to share that information, how they can opt-out, and the consequences of doing so
  • Any third-party services you’re using to collect, process, or store that information (such as an email newsletter service, or advertising network)

For Google Adsense, your policy needs to inform your users:

  • Google and other third party vendors use cookies to serve ads based on a user’s prior visits to your website.
  • Google’s use of the DoubleClick cookie (a cookie that is activated when users visit a partner’s website and view or click on an ad) enables Google and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.
  • Users can opt out of the use of the DoubleClick cookie for interest-based advertising by visiting Google Ads Settings.
  • Inform them of any third-party vendors and ad networks serving ads on your site, and provide a link to them.
  • Inform your users that they may visit those websites to opt out of the use of cookies for interest-based advertising (if the vendor or ad network offers this capability). Alternatively, you can direct users to opt out of some third-party vendor’s use of cookies for interest-based advertising by visiting aboutads.info.

For Amazon Affiliates, you’ll need to inform your users:

  • How you collect, use, store, and disclose data collected from users
  • That third parties (including Amazon or other advertisers) may serve content and advertisements, collect information directly from users, and place or recognize cookies on their browsers

Be sure to avoid complex writing, jargon, or legalese. While a privacy policy document is about protecting you, it’s also about informing the user. Try to keep your privacy policy short and concise, and easy to understand.

Tools for Creating Privacy Policies

While it would be ideal to hire a lawyer to make sure your privacy policy is compliant with all applicable laws, that’s not an expense every blogger can afford.

You can follow the bullet points above to write your own privacy policy in simple, easy to understand language. However, that won’t ensure that your policy follows all the applicable laws in your country.

Instead, here are some online tools and resources for you to create your own privacy policy.

  • International Privacy Laws by Country: This is a great resource to find out if your country has privacy laws, though the legalese can be difficult to interpret.
  • Privacy Policy Generator (disclosure: this is a client of mine): This tool will generate a free privacy policy for you as long as your site is non-commercial. If you earn money from your site, there’s a nominal fee for the privacy policy. The service asks about your country and other details to make sure the resulting policy includes all the required information to be in compliance with the law.
  • Shopify Privacy Policy Generator: If you run an e-commerce site, check out this generator by Shopify.

Put Your Privacy Policy Into Place Today

While it may seem like a hassle, putting off this important aspect of your blog could result in trouble down the line. You really don’t want to risk being banned from your affiliate ad networks, or getting sued by a website visitor.

Protect yourself by using one of the tools above to create your privacy policy now, and you won’t have to worry! The process will also help you to familiarize yourself with useful details on user privacy.

Digital & Social Articles on Business 2 Community