Updated Post: Is a privacy policy really necessary for my website?
When I first wrote this post back in March of 2009, creating a privacy policy was a chore but the only difficult part was actually making yourself write one. In just a few short years advances in technology have led to an exponential increase in the ability to track what people do online to the point that now most of us have no idea what information is being tracked when we’re online or what information we are collecting about others when they visit our websites.
The updated post includes new resources as well as some direction on how to determine what data is being collected on your website.

Original Post

The bad news is that it is necessary. The good news is that it’s pretty easy once you understand what it needs to say.

Is a privacy policy really necessary for my website?
When building a website, privacy policy creation seems to intimidate website owners more than any other step of the process. The bad news is that it is necessary. The good news is that it’s pretty easy once you understand what it needs to say.

What is a privacy policy?
A privacy policy is a disclaimer placed on your website to tell your website users how you are going to handle their personal information. There are some circumstances where you are required by law to provide a privacy policy, but in general it is just a good business practice that fosters trust and encourages your website visitors to do business with you.

Where do I get one?
Once business owners decide that they need a privacy policy, many assume that they can copy and paste one from another website, use a standard template, or make their web developer write it. This is not a good idea! A privacy policy is a promise that you are making to your customers and you are ultimately responsible for keeping that promise. You are going to have to write it, although there are a lot of resources available to help you.

How do I get started?
While this is a legal document, its purpose is to make your customers feel comfortable that you are keeping their information safe and private. Be concise and make it very easy to understand. You need to include the type of information you may collect from them while they are using your website, who you share that information with, and how they can contact you to access or change the information. Before you draft your privacy policy, we would recommend visiting the Better Business Bureau to view their privacy policy guidelines, samples, and policy generator. http://www.bbbonline.org/understandingprivacy/PMRC/createpolicy.asp

Update 4/29/2013: The BBB has changed their website and removed the policy generator I linked to above.  Several of the local BBB’s have provided samples on their websites (Sample privacy policy from Dallas BBB and Sample Privacy Policy from Utah BBB), plus there are several additional resources in the comments below.

That wasn’t so bad. Now what?
When your privacy policy is written, it would be wise to have it reviewed by a lawyer. This is especially important if you are collecting sensitive information through your website, such as credit card numbers. Once you are ready to publish your privacy policy, it should be placed on your website and accessible from every page of the website.


  1. Thank you for publishing your invaluable guidance to privacy policy for websites. I am a newbie and GoDaddy could not give me the advice you’ve given me. Hence I was so frustrated and ignored my websites for a while as I did not have a privacy policy to place on them. One is listed as above. Please feel free to look at it. Despite asking experts on Google’s forum, one could never get straightforward tips!! You have given all readers a reply that is simple and concise.

  2. Another online privacy policy generator was sent to me today: http://www.freeprivacypolicy.com I haven’t looked at the finished product, but the questionnaire is well put together and easy to follow. Again, online policy generators are a great place to start, but my recommendation is to always consult with a lawyer before you finalize any legal documents.

  3. Here’s another great resource for privacy policy generation: http://www.serprank.com/privacy-policy-generator/index.php

Leave a Comment