Widener University School of Law graduate, Managing Legal Editor at TermsFeed.
On this page
At Step 1, select the Website option or App option or both.
Answer some questions about your website or app.
Answer some questions about your business.
For the most part, Privacy Policies are fairly standard and include information about the following:
- What personal information you collect
- How and why you collect it
- How you use it
- How long you retain it for
- How you protect it
- Any legally-granted rights users have regarding all of this
- Your contact information
This may sound like a lot. However, if you have a good grasp on your internal practices and/or have a smaller business that only collects minimum information for basic purposes, you should fairly easily be able to address each of the points above simply by using online resources.
When deciding if you should enlist a lawyer, consider the complexity of your business.
Ask yourself the following questions:
- Do you collect a large amount of personal information from your users?
- Do you have an ecommerce component?
- Do you have users in multiple countries or legal jurisdictions?
- Do you transfer data to or from third parties?
This is because you'll need to disclose each piece of data you collect, along with information about how you collect it, how you use it and so forth as noted above.
If you collect one or two simple things, this will be pretty straightforward. But you can see how things can get complex if you collect many different pieces of data for a variety of purposes and from a range of sources.
Do You Collect a Large Amount of Information?
Consider an ecommerce store that collects sensitive financial information, mailing addresses, phone numbers and uses retargeting cookies to advertise to customers after they leave the site. You can see how this would be more complex than someone who runs a personal blog to showcase artwork with no option to purchase, and only collects email addresses.
Here's an excerpt from Amazon's Privacy Notice that discloses how the company uses personal information it collects. Because Amazon is a large, international company that provides goods and services, from grocery delivery to audio books, you could imagine how its Privacy Notice would be quite complex:
Amazon uses personal information for things like personalizing product recommendations, providing voice, image and camera services, to process and deliver orders and to prevent fraud.
Information is used for more basic things like communications, improving the website and resolving problems.
Things can get even more complicated and complex if your user base is broad and international.
Do You Have International Users?
California also has strict privacy laws like CalOPPA and the CCPA.