Privacy Policy Generator
Generate a Privacy Policy, 2020 up-to-date, for your business with the Privacy Policy Generator from TermsFeed.
CalOPPA
California Online Privacy Protection Act
GDPR
EU General Data Protection Regulation
CCPA
California Consumer Privacy Act
And many more
Privacy laws around the world
Use our Privacy Policy Generator to create this policy for your business (web, mobile and others). You can use the policy for:
I just wanted to send a quick note to let you know that I just used TermsFeed to generate three agreements for a mobile app that we are developing. It almost felt too simple!
Apr 25, 2018 - generated agreements for his mobile app.
I found both Terms & Conditions as well as the Privacy Policy to very elaborate and helpful.
May 30, 2018 - generated a GDPR Privacy Policy.
Generate Privacy Policy
Our Privacy Policy Generator makes it easy to generate a Privacy Policy for your website or app.
- Download your Privacy Policy and edit it as you wish
- Free hosting of your Privacy Policy
- Free revision updates
- Discounted upgrades
Privacy Policy is required by law
A "Privacy Policy" agreement is required by law if you're collecting personal data from users, regardless of the platform used (website, mobile app, desktop app etc.)
Most laws around the world require a Privacy Policy:
- CalOPPA: California Online Privacy Protection Act
- GDPR: EU General Data Protection Regulation
- CCPA: California Consumer Privacy Act
- California Business Code
- And many more
Personal data is any kind of data that can identify an individual: email address, first and last name, billing and shipping address, credit card information, and so on.
Use this agreement everywhere:
- Websites
- WordPress blogs (or any other platforms: Joomla, Drupal)
- E-commerce stores
- Mobile apps: iOS, Android or Windows Phone
- Facebook apps
- Desktop apps
- SaaS apps
- Digital products or digital services
If you don't have a Privacy Policy yet, use the Privacy Policy Generator to generate it.
Privacy Policy for e-commerce stores
Including a Privacy Policy agreement for your ecommerce store is not only required by law, but it also builds trust with your customers and ensures that you stay in line with your legal obligations.
If you already have this agreement for your store, make sure to follow these tips:
- Disclose what kind of personal information you're collecting from your customers
- Disclose how the collected information may be shared or disclosed with third parties your store might be using (Google Analytics, Google AdWords, Google AdSense etc.)
- Inform how customers can review and change the information collected on them
- Make sure to include the policy's effective date
If you're missing a Privacy Policy for your store, use the Privacy Policy Generator to create it.
Privacy Policy for mobile apps
You'll need the Privacy Policy agreement even if you don't collect any personal data yourself through the mobile app you're building, but instead use third party tools such as:
- Google Analytics Mobile
- Flurry
- Firebase
- Mixpanel
- And so on
If you use at least one third party tool that might collect personal data through your mobile app, you need this agreement in place.
Each app store also requires you to have this agreement in place before submitting the mobile app:
- Apple App Store
- Google Play Store
- Microsoft Windows Phone Store
If your mobile app is missing a Privacy Policy, use the Privacy Policy Generator to generate it.
Privacy Policy for SaaS apps
Most SaaS businesses need to collect at least 2 types of personal information from users: email address and payment information. This makes a Privacy Policy agreement mandatory for SaaS businesses.
Most SaaS apps are using this agreement to disclose what kind of personal data might be collected through the app from users:
- Personal information, such as the name and/or the email address, to register the account and process the subscription payments
- Content that users create or post through the account
- Use of Cookies
- Log files created by the server
- Geo-location information (GPS) requested by the mobile app
- And more
Use the Privacy Policy Generator to generate a Privacy Policy for your SaaS app.
Privacy Policy for Facebook Apps & Pages
Various platforms, such as Facebook, are requiring businesses that are submitting their official app on these platforms to have a Privacy Policy agreement in place, even if the app doesn't collect any personal data.
Because you might be collecting personal information from users, through Facebook's APIs, you need to have a Privacy Policy for your Facebook app.
With TermsFeed's Privacy Policy Generator, you can create a Privacy Policy for your Facebook App & Page to include it at the "Privacy Policy URL" field.
Important: Your Facebook app will not go live if you don't have the Privacy Policy published on your website. Use the Privacy Policy Generator to create it and we'll host the policy for free for you.
Articles about Privacy Policies from our blog
Privacy Policy for Ecommerce Stores
Include a Privacy Policy for your ecommerce store to be compliant with the law (this policy is required by law) and built trust with your customers.
Privacy Policy for Mobile Apps
You'll need a Privacy Policy for your mobile app even if you do not collect personal data yourself but use third party tools, such as Google Analytics SDKs.
Privacy Policies are Mandatory by Law
Learn why a Privacy Policy is mandatory by law in most countries around the world and what privacy laws your business needs to follow to be compliant.
Privacy Policies vs. Terms & Conditions
A Privacy Policy and a Terms and Conditions are different legal agreements that serve different purposes. Learn which agreement you need for your business or if you need to have both.
Terms of Use & Privacy Policy for SaaS
Almost all SaaS apps collect at least one type of personal data from users, such as the email address. Learn why SaaS businesses must have a Privacy Policy.
Do Not Track (DNT) for Privacy Policy
A "Do Not Track" disclosure is now mandatory after the changes to CalOPPA law in 2014. Learn why you should update your Privacy Policy with the "DNT" disclosure.
Privacy Policy FAQ
Privacy Policies are essential for all websites and apps. Besides offering transparency to users who are using your website and/or app, Privacy Policies are also a matter of a legal compliance.
There are many countries that require a conspicuous Privacy Policy before you collect users' personal information.
A Privacy Policy is a legally-required agreement between you and the users of your website/app. This agreement discloses your privacy practices and how you handle your users' personal data.
For example, a Privacy Policy will describe the types of personal data you collect, how you collect the data, how you keep it safe, what you use it for, and if you share any of that personal information with other parties.
Privacy Policies also disclose the use of cookies and other tracking technologies that may affect user privacy.
Privacy Policies are legally required by global privacy laws if you collect or use personal information.
The general definition of "personal information" is "any piece of information that can be used to identify an individual."
Personal information includes the obvious pieces of data such as first and last names, email addresses, street addresses, telephone numbers, financial information and ID numbers. But it also includes less intuitive pieces of "information" such as data collected via some cookies and IP addresses.
There are two main reasons why you need a Privacy Policy:
They're legally required
If you collect or use personal information, you'll have to comply with privacy laws put in place around the world to protect consumer privacy. These laws will apply regardless of where your business itself is located, as they work to protect consumers in specific regions. For example, if your business is located in the U.S. but you have users in the EU, the EU's GDPR will still apply to you.
Consumers expect to see them
In a world where consumer privacy is more important than ever and consumers are starting to take their privacy more seriously, not having a Privacy Policy can mean you may lose customers. People expect to see a Privacy Policy that they can easily access whenever they want. Not having one will make you seem untrustworthy.
Most countries around the world have some sort of law in place that requires a Privacy Policy if you handle personal data from its residents. To name a few, Canada, the EU, the UK, the U.S. and Australia all have laws that require a Privacy Policy.
As privacy concerns grow, the number of countries projected to enact this requirement will grow.
For a current directory, see our article: Privacy Laws By Country.
When it comes to laws that require a Privacy Policy, they work to protect people in specific regions. In other words, even if you aren't located in the state of California, you'll still need to be aware of California privacy laws if any of your customers are in that state.
With the global nature of business, it's best to be aware of all the leading privacy laws, and look more specifically into laws in areas where you're certain you do business.
In general, you need to be aware of the following laws:
- CalOPPA is a U.S. law from California that requires a Privacy Policy if you operate a commercial website, online service, or mobile app and collect personal information from people in CA.
- The CCPA is a U.S. law from California that requires a Privacy Policy under the same circumstances.
- COPPA is the only federal privacy law in the U.S. that addresses the privacy of children. If your U.S. customer base has children under 13, you'll need to take extra precautions when handling personal information.
PIPEDA is a Canadian law relevant only to Canadian companies. It requires online and brick-and-mortar businesses to publish a Privacy Policy if they handle personal information.
The law defines 'personal information' as names, birthdays, income statistics, race or ethnic origin, employee data and other private data.
The GDPR is a wide-reaching, robust law that hails from the EU but has a global impact. It requires a Privacy Policy as well as new levels of consent required before collecting and processing certain types of personal information.
After the GDPR, most new privacy laws are showing a mirroring effect to this law. In other words, the GDPR set the new standard for privacy laws and we will surely see its impacts in other countries and privacy laws around the world.
The Data Protection Act of 1998 (DPA) is a UK law that's only relevant to businesses from the UK.
Any business that collects, stores, and uses personal information must follow data processing requirements and limit the amount of personal information collected to only what's necessary.
Email addresses, full names, identifying numbers, and birth dates all fall under personal information.
The Australia Privacy Act of 1988 is an Australian law that applies to companies handling personal information.
Using a list of privacy principles, it describes acceptable data collection, use, and storage policies that are well-covered if you have a Privacy By Design approach in your company. While the law predates mobile apps and many cloud software services, it's interpreted as being applicable to them.
You must be aware of not only local and federal laws in your jurisdiction but also those of where your website, app or service will be available.
Many legal issues occur with companies because they violate the laws of a country where they are not incorporated but perform transactions.
That's not a recommended course of action. Email addresses fall under personal information in current legislation on user data, all which require a Privacy Policy for collecting personal information.
You will open yourself up to liability if you request personal information without a Privacy Policy in place.
You'll need to have a Privacy Policy that explains that you collect email addresses, why you collect them, how you'll use them, and let users know about any rights they have when it comes to all of this. For example, let users know they can opt out of your email marketing list at any time, even after they've provided an email address and consent.
Your Privacy Policy needs to be easily and freely accessible at all times. There are a number of different placement options, but the general rule is to place your Privacy Policy link in your website footer, and anywhere else where you request personal information.
Within your website footer
Add your Privacy Policy link in with other important links. Users know to look here.
When requesting personal information
Present a link to your Privacy Policy at the time you're requesting personal information. For example, on sign-up/create account forms, on checkout pages and in email sign-up forms.
The best way to assure acceptance of the Privacy Policy is through clickwrap as it's the most clear, active and legally-compliant approach.
With clickwrap, you'll provide a link to the Privacy Policy and a checkbox a user can click next to a statement describing that by checking the box, the user is accepting the Privacy Policy.
You can also use a clearly-labeled button and statement such as, "By clicking Agree, you are agreeing to the terms in our Privacy Policy."
Privacy Policies need to be written in a way that covers all required, important information but does so in a way that's easy to understand by your average consumer.
Different privacy laws also have different requirements for what a Privacy Policy must contain.
The first step is to sit down and get an honest, thorough view of exactly what personal data your business collects, exactly why you collect it, and what you specifically do with it all.
Once you have a solid understanding of your business' relationship with personal information, you'll be able to draft a Privacy Policy.
You can use our Privacy Policy Generator, or check out some of our template articles to help you piece together your own Privacy Policy.
The purpose of a Privacy Policy is to inform users about how you collect, handle and use their personal information.
The purpose of a disclaimer is to avoid or limit liability due to a user's misunderstanding of your content.
In more detail, disclaimers address specific types of liability for products or content.
For example, a medical website will include a medical disclaimer stating that the content is only shared for informative purposes and should not replace the care of a medical doctor.
A financial company that talks about the stock market will include a disclaimer stating that the content isn't guaranteed to lead to financial wealth.
Disclaimers are usually on standalone web pages or included in a Terms and Conditions agreement.
A Privacy Policy is used to inform users about how you collect, handle and use their personal information. In other words, it helps protect your users.
A Terms & Conditions agreement (T&C) is used to maintain more control over your website or app. In other words, it helps protect you as the business owner.
A T&C explains your rules, conditions of use, and other requirements regarding the use of your website or app. It provides information about topics like copyright protection, user-generated content, no tolerance policies against abuse and harassment, and how non-payment of subscription fees will be handled.
Another key difference is that while Privacy Policies are legally required, a Terms and Conditions agreement is not required under any laws.
However, having a Terms & Conditions agreement will help you enforce your rules and preserve a cause to terminate accounts if users violate your terms.