If you run a WordPress website, you almost certainly will need a Privacy Policy. This is because if your site collects any personal information, privacy laws require a Privacy Policy, and WordPress requires that you comply with relevant laws when using its platform.

This article will teach you why you need a Privacy Policy for WordPress websites, how to meet Privacy Policy requirements, how to create a Privacy Policy for your WordPress site, and how to display and get agreement to your Privacy Policy once it's written.

Our Privacy Policy Generator makes it easy to create a Privacy Policy for your business. Just follow these steps:

  1. At Step 1, select the Website option or App option or both.

    TermsFeed Privacy Policy Generator: Create Privacy Policy - Step 1

  2. Answer some questions about your website or app.

    TermsFeed Privacy Policy Generator: Answer questions about website - Step 2

  3. Answer some questions about your business.

    TermsFeed Privacy Policy Generator: Answer questions about business practices  - Step 3

  4. Enter the email address where you'd like the Privacy Policy delivered and click "Generate."

    TermsFeed Privacy Policy Generator: Enter your email address - Step 4

    You'll be able to instantly access and download your new Privacy Policy.



Why You Need a Privacy Policy for WordPress Websites

Any time you collect users' personal information, you need to make sure that you have a Privacy Policy in place because privacy laws require this.

Common ways that WordPress websites collect personal information include through the following functions and features:

  • Using Google Analytics:If you use Google Analytics to monitor traffic and interactions with your website, you're collecting personal information. Google Analytics uses things like IP addresses and cookies to analyze your site's traffic, both of which are considered to be personal information under privacy laws.
  • Allowing comments: A great way to encourage user interaction and make your website more attractive is to allow user comments. However, when a user leaves a comment, personal information like a name and email address is collected. Cookies are also used to remember that user for future comments.
  • Having advertisements: Third party advertising programs (such as Google AdSense) operate by collecting behavioral information of your users, which is legally protected information.
  • Using contact forms: If you request information like email addresses from your visitors so you can send them email newsletters, you're obviously collecting personal information. Not only will this trigger the requirement for a Privacy Policy, but you should also be getting consent to contact them.

If your WordPress site takes advantage of any of these features, you'll need a Privacy Policy.

If you don't maintain a Privacy Policy on your WordPress websites, you run the risk of violating state and global privacy legislation, which can result in considerable financial penalties.

Having a Privacy Policy on your website is also a great way to help build trust with users, which is essential in creating long-term customers.

WordPress Privacy Policy Requirements

WordPress Privacy Policy Requirements

WordPress requires that you comply with state and global privacy requirements when using its services:

WordPress Codex: User Privacy and Your WordPress Site - Privacy Regulations and display a Privacy Policy requirement section

In order to stay compliant with WordPress's Privacy Policy requirements, you need to make sure that you are aware of any privacy laws that apply to your business or protect your users' privacy rights.

As noted above, many privacy laws require that you maintain a Privacy Policy on any website that collects users' personal information, as well as provide a way for users to access and delete any information you may have collected from them.

Let's look at some of these laws.

Global and State Privacy Legislation Requirements

Global and State Privacy Legislation Requirements

It's important to make sure that your WordPress website complies with any applicable legislation in order to avoid penalties in the form of harsh fines.

Some of these laws include:

  • The General Data Protection Regulation (GDPR) from the EU
  • The California Online Privacy Protection Act (CalOPPA) and the California Consumer Privacy Act (CCPA) from the U.S.
  • The Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada

These laws and many others all have reach far beyond the country they originate in. Since your WordPress website is accessible to users around the world, you'll need to comply with these laws by having a Privacy Policy posted, regardless of where you're personally located.

GDPR

The General Data Protection Regulation (GDPR) was adopted in 2016 and is the European Union's (EU) main privacy legislation. The GDPR requires that applicable organizations disclose what personal information is being collected, how it's collected and used, and to inform users of their rights regarding access and deletion of their personal data, among other things.

In effect, the GDPR requires a Privacy Policy to be displayed by websites that fall within its scope, such as WordPress websites.

CCPA

The California Consumer Privacy Act (CCPA) was signed into law in 2018, and is one of the most comprehensive privacy bills in the United States. The CCPA requires businesses that fall under its jurisdiction to let users know what personal information they are collecting and for what purpose and how users can access or delete their personal information, and to give users a way to opt out of the sale of their personal information to any third parties.

If the CCPA applies to you, you will need to display a CCPA-compliant Privacy Policy on your WordPress website.

You should keep informed about local and international privacy laws, and make sure to update your Privacy Policy periodically to reflect any new laws or changes to existing laws.

How to Create a Privacy Policy for WordPress Websites

How to Create a Privacy Policy for WordPress Websites

There are a few different methods for creating an effective Privacy Policy for your WordPress website. The most costly method is to hire a lawyer to do it for you.

Alternatively, you can use TermsFeed's Privacy Policy Generator or free Privacy Policy Template to create a customized Privacy Policy.

When writing your Privacy Policy, you will need to make sure that it is clearly written and easy for the average person to understand. You should avoid using legalese or industry jargon.

There are a few important clauses that you should make sure your Privacy Policy contains to ensure that it meets certain legal requirements, including what personal information you collect and what you do with it, how you collect information, who you share the information you collect with and how you keep it safe, and how users can contact you and access or delete their personal information.

Let's look at how to construct a few of these important clauses.

What Personal Information You Collect

Personal information includes users' names, addresses, phone numbers, birthdays, social security numbers, and credit and debit card numbers among other data that can be used, on its own or with other information, to identify an individual. You should let users know explicitly that you collect their personal information, whether that's directly - such as through a sale or a contact form - or indirectly, such as via a third-party tracking service.

Vogue's User Agreement and Privacy Policy describes the circumstances in which it collects users' personal information:

Vogue User Agreement and Privacy Policy: The Type of Information the Service Collects clause excerpt

Be as specific and detailed as possible here for the most legal compliance and transparency.

How You Collect Information

Your Privacy Policy should inform users about the processes you use to collect their information, whether you gather information directly or indirectly, and whether you require users to explicitly consent to the collection of their information.

The City University of New York's (CUNY) Privacy Policy discloses that it collects some specific information via email and online transactions:

CUNY Privacy Policy: Information Collected by Email and Online Transactions clause excerpt

Who You Share Personal Information With

Your Privacy Policy should contain a clause that lets users know whether you share the personal information you collect with any third parties, and who those entities are at least categorically.

The Angry Birds Privacy Notice informs users that it shares their data with its service providers and partners, as well as with users of its Services. It lets users know that it may also share their personal information if they are legally required to do so:

Angry Birds Privacy Notice: Who do we share your data with clause

How You Use the Information You Collect

Your Privacy Policy should outline the purposes for which you use the information you collect.

Many privacy laws stipulate that you only collect information that is absolutely necessary to the functioning of your business. This means that you need to disclose how you use the information to ensure that you aren't collecting a huge amount of information for no legitimate purpose.

The Village Voice's Privacy Policy lists what it does with users' personal data, including responding to requests and providing necessary services:

The Village Voice Privacy Policy: Use of Your Personal Data clause

How You Keep the Information You Collect Safe

You should make sure that your Privacy Policy covers any steps you take to protect users' personal information.

The Clorox Company's Privacy Policy includes a How We Protect Personal Information clause that lets users know that it makes "reasonable efforts" to protect their information, and reminds users that they are responsible for keeping their passwords secure:

The Clorox Company Privacy Policy: How We Protect Personal Information clause

How Users Can Access or Delete Their Personal Information

Many privacy laws require that your Privacy Policy informs users how to access and edit their personal information, along with other user rights.

Rolling Stone's Privacy Policy includes a section on Accessing and Correcting Your Information that tells users what steps they need to take to change their personal information. It lets users know that the only way that they can delete their personal information is by deleting their account and membership, and that certain information stored on backup tapes cannot be deleted:

Rolling Stone Privacy Policy: Accessing and Correcting Your Information clause

Contact Information

You should make sure that your Privacy Policy provides at least one way for users to get in contact with you.

Penguin's Privacy Policy includes its mailing address and email address within in About Us clause:

Penguin Privacy Policy: About Us clause

After you have a Privacy Policy drafted and ready to display, it's time to add it to your WordPress website. The first thing you'll need to do is create a separate page on WordPress to host your policy.

How to Create a Privacy Policy Page on WordPress

Follow these instructions on how to create a Privacy Policy page for your website if it's hosted on WordPress. You can download these instructions as PDF file.

  1. To start, first log in to your WordPress site.

    Login to WordPress Dashboard page

  2. Once on the Dashboard page, go to Pages and choose Add New.

    TermsFeed WP.com website: Dashboard menu Pages - Add New

  3. When the page editor opens, type Privacy Policy in the title field.

    TermsFeed WP.com website: Pages - add Privacy Policy title

  4. Add the text of your Privacy Policy.

    If you do not have a Privacy Policy, use our Privacy Policy Generator and create it within minutes.

    If you generated the Privacy Policy with TermsFeed, go to the Copy your Privacy Policy section and click on the Copy this to clipboard button.

    TermsFeed App: Privacy Policy Download page - Copy your Privacy Policy section highlighted

  5. Go back to the WordPress page editor and paste the generated text of the Privacy Policy.

    TermsFeed WP.com website: Privacy Policy Page Editor - Paste option highlighted

  6. When done, click Publish.

    TermsFeed WP.com website: Privacy Policy page - Publish option highlighted

Want more?

Check our videos on YouTube channel and learn how to link pages on WordPress by using Menus and Widgets:

  • How to Link to a Privacy Policy URL using Menus on WordPress
  • How to Link to a Privacy Policy URL using Widgets on WordPress

Bonus tip:

Download your Privacy Policy in multiple file formats:

TermsFeed App: Privacy Policy Download page - Download your Privacy Policy in multiple formats option

Scroll down and click on the "Generate files" button to download your Privacy Policy in multiple formats:

  • HTML
  • DOCX
  • Plain Text
  • Markdown

How to Display Your WordPress Website's Privacy Policy

How to Display Your WordPress Website's Privacy Policy

Once you have created your Privacy Policy for your WordPress site and set up a page to display it from, it's important to link it somewhere that people can easily find it. Hiding your Privacy Policy in some obscure area of your website or intentionally making it difficult to find can violate certain privacy laws. Some of the most popular places to put your Privacy Policy are within your website footer and on your checkout and account login pages.

Many businesses put a link to their Privacy Policy within their website footer, as it is a permanent place that users can access no matter what page of your website they navigate to, and it is a common enough practice that people expect to scroll down to find legal links.

Quartz puts a link to its Privacy Policy alongside links to its Sitemap, About page, Accessibility information, Terms of Use Agreement, Advertising information, and Jobs listings links:

Quartz website footer with Privacy link highlightedQuartz website footer with Privacy link highlighted

Checkout Page

Another good place to put a link to your Privacy Policy is on your checkout page, as it gives users the opportunity to read about how you handle their personal information before they make a purchase.

The Dallas Mavericks checkout page includes a link to its Privacy Policy, as well as links to other relevant legal agreements:

Dallas Mavericks checkout screen with Privacy Policy link highlighted

Account Login Form

Putting a link to your Privacy Policy on your account login page or form ensures that anyone who wants to directly give you their personal information has the chance to read it.

The New York Post's account login page includes a statement that users must agree to its legal terms before creating an account, as well as a link to both its Privacy Notice and its Terms of Use:

New York Post login form with Privacy Notice link highlighted

Let's look at how you can implement some of these best practice display linking techniques in WordPress.

Here are instructions for how to link your Privacy Policy page URL in the footer of your website by using Menus and Custom Links on WordPress.

  1. To start, log in to your WordPress website.

  2. Under the Dashboard menu, scroll up to Appearances and choose Menus:

    TermsFeed WP.com website: Dashboard - Appearances - Menus highlighted

  3. In the Menus editor, under the Menu structure section, type your Menu Name:

    TermsFeed WP.com website: Menus Editor - Name Menu field highlighted

  4. Next, in the section on the left side called Add menu items, click on Custom Links:

    TermsFeed WP.com website: Menus Editor - Add menu items - Custom links field highlighted

  5. In order to get the Privacy Policy URL link that is hosted on our site you'll need to go to the TermsFeed Generators App and go to the Download page.

  6. Under the "Link to your Privacy Policy" section, click on the green "Copy" button:

    TermsFeed Generators App: Privacy Policy Download Page - Link to hosted Privacy Policy URL copy option highlighted

    If you do not have a Privacy Policy you can create one right now by using our Privacy Policy Generator.

  7. Go back to the Menus Editor and paste your Privacy Policy URL to the URL link field. Type Privacy Policy in the URL text field. Click the Add to menu button:

    TermsFeed WP.com website: Menus Editor - Add menu items - Custom links fields URL and Privacy Policy as URL text filled highlighted

  8. Next, check the box next to "Footer Menu" under Menu Settings:

    TermsFeed WP.com website: Menus Editor - Menu Settings check Footer Menu option highlighted

  9. Click Save Menu:

    TermsFeed WP.com website: Menus Editor - Save Menu button highlighted

You're done!

Want more?

Check our videos on YouTube channel and learn how to link pages on WordPress by using Page and Widgets:

  • How to Create a Privacy Policy Page on WordPress
  • How to Link to a Privacy Policy URL using Widgets on WordPress

Here are instructions for how to link your Privacy Policy page URL to your WordPress website by using Widgets. You can download these instructions as PDF file.

  1. To start, log in to your WordPress website.

  2. Under the Dashboard menu, scroll to Appearances and choose Widgets:

    TermsFeed WP.com website: Dashboard - Appearances - Widgets highlighted

  3. In the widget editor, under the "Footer" block, click on the "+" icon:

    TermsFeed WP.com website: Widgets Editor - plus option highlighted

  4. When the new block opens, click on Widget Group:

    TermsFeed WP.com website: Widgets Editor - Widget group block highlighted

  5. Click again on the "+" icon:

    TermsFeed WP.com website: Widgets Editor - Widget group plus option highlighted

  6. Select "Paragraph":

    TermsFeed WP.com website: Widgets Editor - Widget group paragraph block highlighted

  7. Next, type the name of your group (for example, "Legal"), and below it name your agreement "Privacy Policy":

    TermsFeed WP.com website: Widgets Editor - Widget group Privacy Policy block with text added highlighted

  8. In order to add your URL, you'll need to select it and click on the link icon among formatting options:

    TermsFeed WP.com website: Widgets Editor - Widget group paragraph block with Privacy Policy selected and link icon highlighted

  9. A new field for adding the URL will open:

    TermsFeed WP.com website: Widgets Editor - Widget group paragraph block with add Privacy Policy URL field highlighted

  10. In order to get the Privacy Policy URL hosted by TermsFeed, go to the TermsFeed Generator App and then go to the Download page of your Policy & Document.

  11. Under the "Link to your Privacy Policy" section, click on the "Copy" button:

    TermsFeed Generators App: Privacy Policy Download Page - Link to hosted Privacy Policy URL copy option highlighted

    If you do not have a Privacy Policy, you can create one right now by using our Privacy Policy Generator.

  12. Go back to the Widget Editor and paste your Privacy Policy URL in the link field. Then hit Enter to add the link:

    TermsFeed WP.com website: Widgets Editor - Widget group paragraph block with add URL link pasted option highlighted

  13. Click the "Update" button:

    TermsFeed WP.com website: Widgets Editor - Widget group paragraph block with linked Privacy Policy URL added and Update button highlighted

Want more?

Check our videos on YouTube channel and learn how to link pages on WordPress by using Page and Menus:

  • How to Create a Privacy Policy Page on WordPress
  • How to Link to a Privacy Policy URL using Menus on WordPress

How to Get Agreement to Your WordPress Website's Privacy Policy

How to Get Agreement to Your WordPress Website's Privacy Policy

One of the simplest ways to get consent from users is to include a checkbox that users must tick in order to sign up for an account or access your website. This checkbox should be placed near a statement that makes it very clear that checking the box means the user is consenting to the Privacy Policy.

The most commonly seen and effective way to do this is with an "I Agree" checkbox or some equivalent.

Eventbrite requires those wishing to make a purchase to check a box to show the user accepts its Privacy Policy before placing an order:

Eventbrite checkout page with I accept Terms of Service Community Guidelines and Privacy Policy checkbox highlighted

Summary

WordPress requires that businesses maintain a Privacy Policy on their website if they collect users' personal information.

In order to comply with WordPress Privacy Policy requirements, you should make sure that your Privacy Policy lets users know how you handle their personal information.

There are many state and global privacy laws that you should be aware of and make sure that your Privacy Policy adheres to, as failure to comply with applicable laws can result in significant financial penalties.

You will need to make sure that your Privacy Policy is clearly written and easy to understand. Your Privacy Policy should include certain clauses, such as:

  • What information you collect
  • How you collect information
  • Who you share the information you collect with
  • How you use the information you collect
  • How you keep the information you collect safe
  • How users can access or delete their personal information
  • How users can contact you

Once your Privacy Policy has been written, you will need to make sure that you display it somewhere that is easily accessible, such as permanently linked within your website footer and on your checkout and account login pages. It's easy to add a Privacy Policy page to your WordPress website and link to it where needed.

One of the best ways to make sure that users have read and agree to the terms outlined in your Privacy Policy is to include a checkbox that users must tick in order to sign up for an account or access your site.

Privacy Policy Generator
Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy