Privacy Policy Definition
A privacy policy is a legal document that informs your site’s users about how you collect and handle their personal information. You may also hear privacy policies referred to by the following names:
- Privacy notice
- Privacy policy statement
- Privacy page
- Privacy clause
- Privacy agreement
A general privacy policy explains a platform’s interactions with the personal information and personally identifiable information (PII) of its users. PII is information that can be used by itself, or combined with other information, to identify an individual.
Specific platforms or services may require a unique privacy policy template. Examples include:
- app privacy policies
- privacy policies for Blogger
- WordPress privacy policies
- ecommerce privacy policies
- small business privacy policies
However, a standard privacy policy template will likely satisfy user demands and legal requirements for your website
If your website uses personal information (e.g, collected names, email address, or credit card information), most legislations around the world require that you have a privacy policy.
If you run a website, mobile app, or desktop app, you are likely legally required to have a privacy policy somewhere on your site. You must display links to your policy clearly, prominently, and conspicuously, so that users can navigate to it quickly and easily.
As data collection and processing becomes more ubiquitous across the internet, privacy laws in the US and around the world set strict requirements for privacy policies. Here are the major laws that affect your website privacy policy:
GDPR
If you target users in the European Economic Area (EEA), you’re subject to comply with the General Data Protection Regulation (GDPR).
The GDPR is one of the world’s most comprehensive privacy laws, setting international standards for appropriate data handling. Article 12 of the GDPR grants users the right to transparent information about how their data is collected and handled. For business and website owners, this means that transparent privacy policies are mandated by the GDPR.
COPPA
If your website markets to children, strict rules and regulations apply. Most notably, the Children’s Online Privacy Protection Act (COPPA) governs websites that market specifically to kids.
If the target audience of your site is children under the age of 13, federal law requires you to include a company privacy policy that covers very specific information about your business.
CalOPPA
The California Online Privacy Protection Act (CalOPPA) was the original privacy law in the US which mandated that websites make privacy policies available to users. The act also outlines what information needs to be made available regarding data handling — including what data is collected, where from, and whether it’s shared or sold.
CCPA
Currently the most comprehensive data privacy law based in the US, the California Consumer Privacy Act (CCPA) builds on the online privacy policy requirements of CalOPPA. It builds on CalOPPA’s privacy policy standards, demanding that businesses and websites implement even more transparent and comprehensive policies.
In effect since January 1, 2020, the CCPA sets an annual update requirement for privacy policies. Therefore, you will need to update your CCPA privacy policy every year.