Privacy Policy
Our best-selling Privacy Policy template:
- Now over 200 sold!
- Get your website GDPR compliant quickly
- UK-expert-drafted template for reliability
- Easy to edit to your own requirements
- Lifetime free updates of the template
How Does It Work?
-
1. Download
-
2. Edit
-
3. Print
-
4. Sign
Professionally-drafted by an expert UK solicitor, but available to you at a great price, this is our standard template for a Privacy Policy for your website. It is GDPR compliant, so you can comply with the changes in the law that came into force on 25th May 2018 (see below). It is also compliant with the Data Protection Act 2018, which came into force on the same day.
This is one of our best-selling templates, with over 200 sold!
Use this template for any type of website, e.g. business, forum, chat-room or blog, when you want to put in place a privacy policy. You then customise it to suit your needs, using our helpful guide.
This template creates a robust and detailed policy, suitable for all types of commercial and non-commercial websites. As a bonus, it also includes a cookies policy at no extra cost.
What does a Privacy Policy do?
Our privacy policy template provides a basic outline of the ways in which you will deal with customer’s (including here any other users of your website) personal data and, as it states that use of the website and the supply of their personal data to you constitutes agreement for you to use it in accordance with this policy, by implication you have their consent to do so. If you use personal data in other ways not mentioned in the template, then you may need to adapt the policy.
If you are a Web Design Agency and are looking for a Privacy Policy template for use with all your customers, we have a special offer on just for you and your customers. So please contact us on 0333 355 4900 or by email – [email protected] – and ask about our special offer.
David, our co-founder and lawyer of twenty years, has drafted this template. This ensures that you can rely on the document being up-to-date and comprehensive. Our free guidance notes are detailed and offer a clause-by-clause explanation of the template. They make completing the final draft quick and easy. Just click on the link for a copy of the guidance notes: guide to this template.
The GDPR & the Data Protection Act 2018 are here
The EU Directive on data protection known as the GDPR now applies in the UK as of 25 May 2018 (the UK’s Data Protection Act 2018 took over and applies after the UK left the EU). We have now fully updated the privacy policy template to ensure it complies with the GDPR and is up-to-date. For anyone who has bought our template previously, they will have free access to the updated version now, so they can download the latest version for free from their account (this principle applies to all our templates – you get free updates for life).
So, if you are not already complying with the changes in the law that came into force on 25 May 2018, then use our template. Legalo’s GDPR-compliant privacy policy template will get your website compliant quickly.
For further information on the key changes being made by the GDPR, please read our blog article here. If you are a digital marketing agent or part of a marketing team, then please have a look at our detailed free guide on GDPR for Marketers here.
For information on the likely level of fines from the ICO for GDPR and data protection breaches, see this great article from ITPRO: https://www.itpro.co.uk/general-data-protection-regulation-gdpr/31025/gdpr-fines-how-high-are-they-and-how-can-you-avoid.
Using our template
This template comes in Word format. Download it at the click of a button once purchased. You can then easily edit it to suit your needs.
We provide a full money-back guarantee if you are not happy with your template document for any reason.
Once purchased, you can reuse this privacy policy for updating your policy again and again at no further cost. We keep our templates under review to ensure they are up-to-date. When we update a template that you’ve bought, we’ll notify you by email. Then you can download the free updated template.
How and when to use our template
You will need a Privacy Policy if you want visitors to your website to take it seriously. Visitors can then feel assured that you are taking their rights seriously. When you purchase the template from us you can achieve this with very little expense. You will be able to download the template to your computer. Once you have done so, you can customise it to suit your website’s needs.
This template is a good choice for e-commerce websites. It also works for blog websites or forums and other non-business sites. The policy is there so your visitors know what you do with the information they provide you when they visit your website. In it you would outline what information is kept and how the website will process and use this information.
The template will tell the visitor what you will do with the information. Also it advises if you are going to:
- give it to third parties that are affiliated with you; or
- if you will just keep it within your own business.
What else do you need?
Selling via the Internet will mean that, in addition to dealing with data protection, you may also need our templates for:
If you need all of these templates, you may be interested in our discounted bundle for website compliance, which contains all of these and more at a hefty discount.
To check out our other e-commerce and internet templates, click on the link.
FAQs on Privacy and Data Protection
Below, we answer some of the most popular questions on the Internet about privacy policies.
Why do you need a privacy policy?
It is a legal requirement to comply with data protection laws when handling data. Almost all organisations commercial or otherwise handle data. The policy serves several purposes: one is to let people know how you handle their data; the other is a legal requirement – to obtain their consent to your handling their data in the way outlined. Without the first, you cannot have the second.
What can happen if you don’t have a privacy policy?
If you don’t have a privacy policy, then you probably don’t have the data subject’s consent to handling their data. If that is the case, you are leaving yourself wide open to a huge fine from the ICO.
Get compliant:
- register with the ICO for your data handling; and
- get a privacy policy in place.
Do I need a privacy policy? Does every business need a privacy policy?
If your business processes customers’ personal data then the easy answer is, “Yes”, you will need a privacy policy to govern and state what you do with that data. Almost every business and not-for-profit organisation will handle customer, employee and/or contractor data. This means all of them need a privacy policy. It also means they all need to register with the ICO for handling/processing data.
Do I legally need a privacy policy? Does GDPR require a privacy policy?
Any business that processes personal data is legally required to have a privacy policy. This is the case even if your business does not own a website, although in that case you must provide each customer with your privacy policy at the time they place an order with you.
Can I use a privacy policy template?
Yes, a privacy policy template us a useful tool to enable you to create a inclusive policy for your business. Legalo’s one is great as it has been professionally drafted and is very easy for you to fill in and use.
What should my privacy policy include? What is required in a UK privacy policy?
This document should tell customers, at the very least, the following:
- what information you are collecting,
- how it is collected,
- what it is used for, and
- if their data is shared with any third parties.
Can I copy someone else’s privacy policy?
You would be infringing the copyright of that document. If the owner of the document finds out, you would have to discontinue use of the document. It is fairly easy, using certain tools, to find other websites using your website’s content. So it is possible they would track you down if they had a uniquely drafted privacy policy.
Is a privacy policy the same as GDPR?
They are not the same thing. GDPR (or now the Data Protection Act 2018) is the law. Having a privacy policy is one of the ways in which you comply with the law in GDPR.
How much does a privacy policy cost?
We charge just £29.95 for a fully comprehensive policy. A typical law firm will charge more like £500 plus VAT, but it will vary a bit.
What are the three things you should look for in a privacy policy?
Three things that you might want to include in your privacy policy are:
- What data you are collecting from people, be that email, telephone numbers or addresses;
- Who that data is shared with, for example does another company collect this data on your behalf? You could share that companies name;
- What category the date you have collected comes under. Are they customers or are you their customer?
What is the most important component of a privacy policy?
Your contact details! How can your customers get in touch with you? Provide them with an easy way of contacting you. This can be via email, telephone or postal address.
What is a good privacy policy? What is a UK GDPR compliant privacy policy?
A good privacy policy complies with the law. It should do the following things:
- tell visitors your website, customers, suppliers and other contractors what you do with their data;
- by telling them this, obtain their permission to use their data in this way; and
- thus, be evidence that you have their permission to do this to their data.
You should keep your privacy policy up-to-date. You should review your privacy policy regularly, particularly if you have any change in your business practices. For example, if you did not send a newsletter to past customers before, but now you do, then ensure you:
- update your privacy policy to cover this new function (best practice would be to send all your customers a copy of the revised policy and tell them of this planned change of practice); and
- check your registration with the ICO covers this use – update it if necessary.
What happens if you do not have a privacy policy?
If you get a fine from the ICO for breaching someone’s data rights, then not having a decent privacy policy is likely to increase the size of that fine. You are more likely to get complaints from customers that you are misusing their data is you have no privacy policy. Also you and your employees are less likely to know what you can and cannot do with customer data, leading to greater risk of breach of their data rights. It all becomes a vicious circle.
Do I need a privacy policy if I don’t collect personal data?
The law changed with the Data Protection Act 1998, when a much wider definition of “data” was brought in, meaning virtually any data about a person or organisation is personal data. As a result, it is getting very hard to think of any scenario where a business or other organisation does not collect, process or use data in any way.
Who is responsible for a privacy policy?
If you are a business that processes customer or contractor data then you will be responsible for that data.
What is the difference between a privacy notice and a privacy policy?
These are the same thing.
What is the difference between a data protection policy and a privacy policy?
People often think of these as being the same thing. However, this is not quite right. A data protection policy is an HR policy – part of your staff handbook and one that tells the employees:
- how they can use customer data and comply with the law, and
- also how you handle the employees’ personal data.
The privacy policy is a customer-facing and supplier-facing document that tells your customers and suppliers how you will handle and use their data.