What Is A Website Privacy Policy?

Date First Published: 5th September 2022

Topic: Web Design & Development

Subtopic: Web Development

Article Type: Computer Terms & Definitions

Difficulty Level: 4/10

Learn more about what a website privacy policy is in this article.

A website privacy policy is a legal document disclosing the ways a website collects, stores, uses, protects, and handles personal user data. Nearly all websites have a privacy policy and they also disclose which personal data is collected along with whether it is kept confidential, shared with partners, or sold to third parties.

Before using a website, visitors must agree to the privacy policy, although a privacy policy is often a boring legal document that only lawyers read, so it is likely that most visitors have never read them. When signing up for an account, almost all websites include a statement that says something like 'By signing up, you agree to the terms of use and privacy policy', or they may contain a tick box that users must tick to sign up.

Sections Of A Privacy Policy

A privacy policy is often made up of these sections, which include:

Types Of Personal Data Collected

This section describes the types of personally identifiable information that a website can collect. It may include information about the following:

• Usage data - The data collected when using the website by web analytics services, such as Google Analytics. It may list the information collected, such as the time and date of the visit, the time spent on those pages, unique device identifiers, screen resolution, type of device, operating system, and other diagnostic data.
• The tracking technologies - Technologies used to track the behaviour of a website, such as cookies, scripts, and tags. It may list the cookies used, although they are often listed on a separate page, called a cookie policy.

Usage Of Personal Data

This section describes how the website uses personal data and the purposes for collecting it. Reasons may include monitoring the usage of the website, managing an account, contacting users, providing users with business transfers, and more. It may also describe situations where the website might share the user's personal data.

Retention Of Personal Data

This section describes how long the website will retain user’s personal data. It will often state that the website will only retain personal data for as long as is necessary for the purposes set out in the privacy policy.

Disclosure Of Personal Data

This section describes situations where the website will have to disclose user’s personal data (e.g. for legal reasons).

Security Of Personal Data

In this section, the security of user’s personal data is stated. It is often a short section that describes that the security of personal data is very important to that website, but its security cannot be 100% guaranteed.

Children’s Privacy

This section may state that they respect the privacy of children and do not collect personally identifiable information from children under the age of 13 without parental consent. This is the result of a US law, called COPPA (Children’s Online Privacy Protection Act).

Links To Other Websites

If the website contains external links to other websites, it will state that the user will be directed to that third-party website and that it is recommended to read the privacy policy of that site. It will also state that it has no responsibility or control over the content of any third-party sites or services.

Is A Privacy Policy Required?

In most countries, a privacy policy is legally required if a website is capable of collecting personal information from users due to laws, such as GDPR. Personal data includes data that can be used to identify an individual, including first and last name, email address, phone number, card number, marital status, medical history, physical address, date of birth, financial records, and IP address. Third-party services, such as Google Analytics require a privacy policy.

How To Generate A Privacy Policy?

A privacy policy is often a very long document. It is much easier to generate one and customise it than to write one from scratch. Freeprivacypolicy.com is a fast and free privacy policy generator that generates a privacy policy document. All you have to do is enter relevant details about your website and it will generate a document with those details in it.

History

The Council of Europe started to investigate the impact of technology on human rights, becoming aware of the new threats by computer technology that could link and transmit in methods that were not widely available before. In 1969, the Organisation for Economic Co-operation and Development (OECD) started to investigate the impact of personal information leaving the country. All of that led to the council recommending that a privacy policy should be developed to provide protection for personal data held by both the private and public sectors, leading to Convention 108.

In 1981, the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108) was introduced. One of the first privacy laws that was approved was the Swedish Data Act in 1973 along with the West German Data Protection Act in 1977 as well as the French Law on Informatics, Data Banks, and Freedoms in 1978.