A Privacy Policy isn't only necessary for large commercial websites. It's essential for any site that collects users' personal data. This includes blogs, personal brand sites, or online portfolios.

In this article, we look at Privacy Policies for personal sites, including when to use one, how to write one, and what you need to include in it.

Our Privacy Policy Generator makes it easy to create a Privacy Policy for your business. Just follow these steps:

  1. At Step 1, select the Website option or App option or both.

    TermsFeed Privacy Policy Generator: Create Privacy Policy - Step 1

  2. Answer some questions about your website or app.

    TermsFeed Privacy Policy Generator: Answer questions about website - Step 2

  3. Answer some questions about your business.

    TermsFeed Privacy Policy Generator: Answer questions about business practices - Step 3

  4. Enter the email address where you'd like the Privacy Policy delivered and click "Generate."

    TermsFeed Privacy Policy Generator: Enter your email address - Step 4

    You'll be able to instantly access and download your new Privacy Policy.



What is a Privacy Policy?

A Privacy Policy sets out how you handle users' personal data. It explains how your site collects, protects, and uses their personal data. If you share or sell any personal information to third parties, this should also be explicitly stated in your Privacy Policy.

When drafting a Privacy Policy, make sure it's written in clear, easy-to-understand language. After reading your policy, users should understand why you collect their personal information, how you collect it, and how you use it so they can provide informed consent for your site to process their personal data.

What is Personal Data?

Personal data is any information that could be used to identify an individual.

Examples of personal data include but aren't limited to the following:

  • Names
  • Addresses
  • Contact details, including email address
  • Date of birth or age
  • Sex
  • Race
  • Location
  • Credit card details

Even if your site only collects one of these, such as users' emails for newsletter purposes, you need to have a Privacy Policy.

Why Do You Need a Privacy Policy for Your Personal Site?

Why Do You Need a Privacy Policy for Your Personal Site?

There are several reasons why you need a Privacy Policy for personal websites. It can be a legal requirement, a third-party requirement, or to reassure users you handle their personal information responsibly.

A Privacy Policy is Required by Law

A Privacy Policy is often a legal requirement.

The centerpieces of data protection legislation requires any website that handles personal data to display a Privacy Policy. Some of these key laws include:

  • The EU's General Data Protection Regulation (GDPR)
  • The UK's Data Protection Act (DPA)
  • The California Consumer Privacy Act (CCPA), amended by the CPRA
  • The California Online Privacy Protection Act (CalOPPA)

Personal or small websites usually collect analytics or some basic personal information from users, such as an email address for newsletter subscribers.

Keep in mind that the applicable data protection legislation depends on the location of your users, not your business. If your website is based in the UK and has European, UK, and Australian-based users, then you need to comply with the data protection legislation of these three countries.

Failure to comply with applicable data protection laws may result in fines.

A Privacy Policy is Required by Third Party Services

In addition to data protection legislation, a third party's Terms of Service agreement may also require you to display a Privacy Policy on your personal site.

For example, a condition of the Google Analytics Terms of Service is that users display a Privacy Policy setting out the use of the application. Google AdSense, Amazon Associates, Google Play, and Apple's App Store have similar requirements in their conditions of use.

If you use any of these applications on your website, then you will need a Privacy Policy.

Reassure Users You Handle Their Information Responsibly

A Privacy Policy also reassures users that you handle their personal data responsibly.

Online privacy is important to users. They have a right to know if their personal data is being collected so they can make an informed choice about whether to continue using a website or service.

Clearly displaying a Privacy Policy on your website enhances transparency and builds trust with your users by demonstrating you handle their information ethically, responsibly, and securely.

How to Create a Privacy Policy for Your Personal Website

How to Create a Privacy Policy for Your Personal Website

While the specific content of your Privacy Policy depends on the applicable legislation, as well as the nature of your site or business, there are some standard inclusions.

Every Privacy Policy should explain, at a minimum:

  • The types of data you collect and how you collect them
  • How you use the data you collect
  • Whether you sell or share the data
  • Your data storage and retention policy
  • Your site's use of cookies

Types of Data You Collect and How You Collect Them

This section should clearly set out the categories of data you collect so users can decide whether to share it with your site. It should also explain how your site collects this information. For example, you may collect some data automatically or based on the information users provide to you themselves.

For a blog or personal website, the type of data collected may be more narrow in scope than a large commercial website. You can present this information in a list, table, or paragraph format, as long as it is easy for users to read and understand.

For example, Tim Harford's Privacy Policy succinctly describes the type of personally identifiable information the site may collect from users in a list of examples:

Tim Harford Privacy Policy: Information Collection and Use clause

A more detailed example can be found in Amy Boyd's Privacy Policy. In it, she lists the data her site collects in a table with a "Basically" column explaining the effect of the clause in simple, conversational language:

Amy Boyd Privacy Policy: Information we collect and how we collect it clause

This demonstrates how you can adapt your Privacy Policy to suit the tone and overall feel of your site, as long as you include all of the necessary information.

How You Use the Data You Collect

One of the most important functions of a Privacy Policy is explaining what you do with the data you collect. These reasons might include providing users with a product or service or sending users further promotional materials or a newsletter.

The Tim Ferriss Privacy Policy lists the 14 ways personal information is used, including providing services, sending emails, and processing payments, as well as for fraud prevention and detection purposes:

Tim Ferriss Privacy Policy: How we use your information clause

While this Privacy Policy uses a table, you can present this information as you wish. Just ensure this clause comprehensively addresses all of the potential ways you use the personal data you collect.

If a potential use includes selling or sharing your users' personal information, you should address this separately.

Whether You Sell or Share Personal Information

When explaining how you use the data, it's crucial to disclose whether you sell or share users' personal information with third parties.

One of the main purposes of a Privacy Policy is to ensure transparency around your data collection processes so that your users feel comfortable sharing their information with you. If you fail to notify users that you may sell or share their data and they later discover you're doing so (and profiting from it), this is both illegal and unethical.

This point is so important that you should also specifically mention if you don't sell or share users' personal data.

Syed Balkhi's Privacy Policy does just that. It's also a great example of writing a Privacy Policy in the tone of your personal website:

Syed Balkhi Privacy Policy: Share personal information with third parties excerpt highlighted

Ryan Robinson's Privacy Policy specifies that it doesn't sell users' personal information. It does share data with third parties and provides a comprehensive list of these third parties:

Ryan Robinson Privacy Policy: Share data with partners and government agencies sections

While you can present this information in a variety of ways, it must be clear enough for users to quickly and easily understand whether or not you share or sell their personal information.

Your Data Storage and Retention Policies

Your Privacy Policy also needs to explain how you store the data you collect, as well as how long you store it.

Data breaches are a growing concern for users. Explaining your data storage and retention processes reassures users that their personal information is kept safe.

In its Privacy Policy, the A Beautiful Mess blog explains it follows industry guidelines to protect the personal information users share, although it cannot guarantee the absolute safety of this information:

A Beautiful Mess Privacy Policy: Security clause

It also provides a contact in the event users have any questions or concerns about their data. This transparent approach goes a long way in building user trust in your personal site.

Your Use of Cookies

Many websites, including personal sites, use cookies to enhance users' experience. This involves storing a user's personal and browsing data, including their IP address.

If your site uses cookies, you should state this in your Cookies Policy or Privacy Policy.

Ali Abdaal does this by including a direct link to his detailed Cookies Policy in his Privacy Policy:

Ali Abdaal Privacy Policy: Cookie Policy clause

Given the nature of some personal sites, it may not be necessary to collect cookies. If this is the case, it's worth making this clear in your Privacy Policy.

For example, Desiree Adaway's site, The Adaway Group, clearly states it doesn't collect cookies:

The Adaway Group Privacy Policy: Cookies clause

By explicitly stating it, there can be no doubt in your users' minds about your site's use (or not) of cookies.

How to Display a Privacy Policy on Your Personal Website

How to Display a Privacy Policy on Your Personal Website

A Privacy Policy should be clearly displayed on your site. There are several ways to do this.

Many personal websites display a link to their Privacy Policy in the footer. This allows users to easily navigate to it from any page on the site. We can see an example of this from the Minimalist Baker blog below:

Minimalist Baker website footer with Privacy Policy link highlighted

If you choose to display your Privacy Policy elsewhere on your site, you should at a minimum include it in the footer in addition to any other methods of display you use. You can even include the last updated date near the footer link, like seen here:

Generic website footer with Privacy Policy link and updated date highlighted

You can also include a link to your Privacy Policy in your drop-down site menu or a pop-up box when users first navigate to your site.

For example, Devon Stank's site displays a pop-up box that users can close once they've read the Privacy Policy:

Devon Stank Cookies Notice with Privacy Policy link highlighted

If you collect email addresses for a newsletter list, you can include a link to your Privacy Policy within the form that requests the email address.

Here's how Timberland does this while also getting consent to the Privacy Policy by using a clickable checkbox:

Timberland subscribe to email newsletter form with checkbox and Privacy Policy link highlighted

Learn more about how to get consent with the clickwrap checkbox method in our article: "I Agree" Checkboxes.

Wherever you decide to display a Privacy Policy on your site, ensure it's visible and easy for users to access at any time.

Summary

If your personal site collects users' personal information, it's essential to have a Privacy Policy. Aside from any legal requirement to do so, displaying a Privacy Policy also reassures users you take their privacy rights seriously.

When developing a Privacy Policy for your personal site, keep it clear and to the point. Avoid using complex legalese and be transparent about your data collection and retention practices. You can also tailor it to suit the tone and nature of your site.

Make sure you display a link to your Privacy Policy in your website footer, as well as in other places where it may be beneficial to your site visitors.

Privacy Policy Generator
Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy