Having an easy to read and factually accurate website privacy policy is essential in 2019.

Contrary to popular opinion, having a privacy policy is not optional. GDPR and data privacy laws around the world, stipulate that if you collect any personal information from website visitors, how and why needs to be clearly outlined. If not, websites may face hefty penalties.

Is a Website Privacy Policy Required by Law?

If you operate a simple blog or WooCommerce store, it can be easy to assume that some rules do not apply to you. However, this couldn’t be further from the truth.

Almost all modern websites automatically collect information such as a visitors IP address. Most will also set cookies in visitor browsers. In every case, such actions are legally defined as gathering personally identifiable information. This being the case, even if you do not invite visitors to subscribe, purchase from, or interact with your website in any way, you are legally bound to declare what data you do collect and why.

Data Privacy

What is a Website Privacy Policy & What Should it Detail?

At its most basic, a website privacy policy is a legal agreement. Specifically, one which details what user information you collect, why you collect this data, how it is stored, and how users can access this information.

Can I use a Privacy Policy Generator to Create a Privacy Policy?

WordPress and several other website builders include default privacy policy pages. However, it is rarely a good idea to use any pre-made template or privacy policy generator to create a privacy policy.

  • Different website plugins use different cookies which automatically generated privacy policies will not detail
  • Any privacy policy you use needs to be specific to your site and your data collection and storage methods
  • If a privacy policy you use is not 100% accurate, you may be fined under EU GDPR rules and other privacy laws applicable in your area

Any Privacy Notice Must Detail Your Visitors Rights as Individuals

Before the implementation of GDPR in May 2018, many websites used privacy policy pages which asked for nothing more than visitors to consent to the use of cookies. Today in 2019, thigs couldn’t be more different.

Declarations in any contemporary privacy policy must detail:

  • A general introduction to who you are, where you are located, and the nature of your business
  • Comprehensive details of the types of personal information your website collects on visitors
  • Your reasons for collecting any information
  • Details concerning how data is used and stored
  • Clear details concerning how information is shared with any third-party


Most importantly of all, a privacy policy must make it clear how visitors can opt-out of data collection. In the case of GDPR, this means informing users of their right to file a Subject Access Request (SAR). Any privacy policy must then also detail how such requests will be handled.

What Happens if Privacy Policy Data is Inaccurate?

GDPR and similar privacy laws are designed to ensure that companies do not misuse personal information. If the information contained in your privacy policy is inaccurate, you may face fines of up to 4% of your websites global turnover. For this reason, it is critical that website owners in 2019, polish their privacy policies to reflect complete accuracy and compliance with local and international data protection laws.


We promise. No spam.