Convertri - the Blog
How to Write a Privacy Policy
Article written by

How to Write a Privacy Policy

Often overlooked, the privacy policy is one of the most vital parts of your website. If your site collects personal data from its users – such as form submissions or if you attach a tracking pixel – you will need a privacy policy.

It’s a formality required in many countries – and not having one when you should could land you in a lot of trouble. You may even have to pay a hefty fine.

So what should a privacy policy include – and do you really, reeeallly have to sit down and write one?

What is a a privacy policy?

In lawful terms, a privacy policy is a web page or document that declares a company’s or website’s policy on collecting and releasing information about a visitor. It usually declares what specific information is collected and whether it is kept confidential or shared with or sold to other firms, researchers or sellers.

A privacy policy is required for you to operate within the law if you collect information from your website visitors. It’s where you let people know what personal information you’re collecting, how you collect it, how you use it, and why.

One of the most important bits of a privacy policy also describes whether you share it with any third parties – and, if you’re a decent human being, why you do this and what the user can expect from it.

What does a privacy policy include?

Nearly every website you find will have a privacy policy nowadays. Click on it to read a real-life example of the sections you may need to include in yours.

Of course, they may have more or less information contained within the privacy policy than you need, so here’s a quick guide to the most common sections:

Introduction

Who are you? What are you all about? Why are you writing this privacy policy? An intro section isn’t mandatory, but it does help to clear up to users the basic facts and establish the kind of clear language you should be aiming for to encourage them to read further if they’ve got this far.

When it comes to a privacy policy, you can split it into as many sections as you like for easy reading. For example, here’s the first part of Convertri’s privacy policy:

Information Collection

This is where you need to disclose the types of personal data that your site collects and how you collect it from the user. Some companies combine this information into one clause, while others separate it into two separate ones, and most websites use list formats sparingly for sections like this.

In Convertri’s privacy policy, we format it into easy to read bullets and paragraphs. You can see clearly the kind of data we collect: for example, unlike LinkedIn, we don’t need your employment history, but we do find it useful to collect details about your browser type and survey responses.

Use of Information

Once you’ve collected your visitors’ information, how and why do you use it?

This is where you can reassure your visitors how your collecting data will benefit them (and it really should, otherwise don’t do it) as well as how you use the information in your business. It’s also helpful to point out that you won’t use their data for anything illegal or shady.

Third Party Disclosure

Third parties are the worst. That’s the thinking of most of your website visitors – most people hate being tracked around the internet by cookies and whatnot, or that’s what they’ll say when you enquire. The truth is, as long as you do it well, sharing data with third parties is absolutely fine as long as it benefits the customer – and you should be upfront and comprehensive in your privacy policy when you disclose who you share their info with, and why.

In Convertri, we set out who we share your data with, but keep the actual list for later on so it doesn’t clog up the reading flow. In our case, we need to disclose your information to joint controllers and system administrators who help run our app.

 

Information Protection

Reassure your users that the personal information you store is stored securely. You don’t have to go into the nitty gritty of how you do it – you don’t want to give hackers a roadmap – it’s important that you state clearly that you do take steps and have protocols for security and know what to do if things go wrong.

It’s a good idea to mention that your site is covered by SSL encryption, which lets them know it’s highly secure without giving away too much of your security protocols. You should probably also add a disclaimer which states that no system can ever be regarded as 100% secure – just in case the worst happens.

 

User Legal Rights

You must also include a section with your Privacy Policy that covers the rights of your users. This is especially relevant if your Privacy Policy needs to be compliant with GDPR.

In this section, you should explain that your visitors have the right to make amendments to their data, to delete data and to review the information on them that you hold. It’s a vital section to have to remind your users of their personal power over the information stored about them on websites.

 

 

 

Data Retention

How long are you going to hold and use your visitors’ personal data? You need to set out just how long they can expect to be on your system, as well as why you hold it that long.

Should I write one from scratch?

You can write a very basic privacy policy from this guide, but we feel like we must disclose (see what we did there?) this post isn’t meant for that. It’s a basic guide to the sections you can expect from a basic privacy policy, as well as why they need to be present.

To write your own privacy policy, there are many compliant generators on the internet which will ask you a few survey-like questions and spit out a fully formed privacy policy that’s customised for you, which you can copy and paste on your own site.

A word of warning: it’s not always easy to know how compliant these websites are, and therefore if your privacy policy will actually get across the information you need it to. Rules of the internet change from time to time (such as the recent introduction of GDPR, for example), so you would need to periodically get your privacy policy checked.

Alternatively, you can always pay a high-priced legal body to draft and check a privacy policy just for you, if you can afford it.

…Or, just get Convertri to do it

With Convertri, you get a fully functioning privacy policy template to use, right out of the box. You just add it like any normal page, then scan the copy for the bits you need to change, such as your website’s name, which are highlighted in red. We periodically review our privacy policy template so it’s always reliable, and getting it published is as easy as 1-2-3.

It’s simply the easiest method to put a privacy policy on your site.

Got any questions? Just leave us a comment below!

Article written by

As Executive Word Arranger at Convertri, Beth writes the help docs, update emails and interesting videos. Her British accent makes it sound a bit more credible when she records videos about Albert Einstein fighting hydras in space.

Related Articles

Interesting Stuff

What is Conversion Rate Optimisation?

Conversion rate optimisation (or CRO) is the practice of converting more leads into customers. Optimising your conversion rate can include tweaking your copy, making changes to your page design, or changing any number of other factors such as your offer or times you post on social media, with one goal in mind – getting more […]

Interesting Stuff

4 Steps to Writing Awesome Product Descriptions

“When I put on the pair of glasses what I saw I could not believe. Nor will you.” No, that’s not the opening line to classic 1988 sci-fi horror They Live – although you’d be forgiven in thinking so. It’s Joseph Sugarman’s subheading to his iconic print ad that sold over 100,000 pairs. The sunglasses […]

Case Studies Interesting Stuff

Testing Our Mettle: How 4 Split Tests Saved A Launch

“Well.  Shit.” Andy had just got off the Quizitri pre-launch webinar.  He was buzzing – he always is after he’s been talking to engaged audience who are actually interested in the tech he’s made.  It’d been a long call, as well.  Lots of questions and lots of interest in our new platform, and since Andy […]

Interesting Stuff

9 Ways to Grow Your Email List

Ah, email marketing. The copy, the subject lines, the analytics, the open rates and CTR… None of that matters if you don’t have a list. Whether you’re building a list from scratch or looking for ways to increase your email subscribers, there are a number of proven ways to grow your email list from skinny […]