
What's a Privacy Policy and Why Am I Legally Required to Have It?

Updated: Nov 29, 2019


This post contains affiliate links which means I could receive a small commission if you purchase a product through these links.

Today, we're talking alllll about Privacy Policies and why your website legally has to have one.

I'll also be sharing a few tips and recommendations on other policies you should have on your site, depending on what industry you're in.

And of course, I will provide you with some resources so you can get these policies on your website asap.


Before we begin...I do need to state that I am not a lawyer and nothing in this post should be construed as legal advice. Legal requirements for these policies vary by country, state, and city and you're responsible for knowing which laws pertain to your online business. As always, if you're unsure about any of this - please consult with a licensed attorney.


What is a Privacy Policy?

A Privacy Policy is a "document" (a page on your website) that explains how you handle visitor and customer information. It also explains how that information is gathered and what it is used for.

Information that is gathered can be anything from an email address, credit card information, or IP address to demographic information and web browsing habits (cookies).

So if you have a way for visitors to sign up for your email list, you're processing store orders, or you even have Google Analytics or a Facebook Pixel linked to your website - you are collecting personal information.

The Privacy Policy covers how you collect the personal information, how you store it and keep it secure, and what it's used for.

Why Do I Need a Privacy Policy?

Well, for one, it's legally required. When we're talking about the United States specifically, there isn't one single law governing this. However, there are multiple laws that affect your online business in the US and the Privacy Policy should address all of them.

If you're doing business with anyone from another country, especially the EU, you'll also want to make sure you are complying with the GDPR.

Basically, a Privacy Policy covers your butt legally. It lets people know in a very clear manner how you're collecting their information and how you're storing (and using) that data and keeping it secure. People want to know you're not going to sell their email to another company or steal their credit card or social security information.

What is the GDPR?

The GDPR went into effect on May 25, 2018. GDPR is short for EU Data Protection Regulation. I won't go into this in huge depth, but the basics are that if you are doing business with or even collecting data (email, IP, etc.) from people in the EU, you must have a GDPR clause on your website. This can be included in your Privacy Policy.

It is also recommended that you add a double opt-in process for email subscribers who are in the EU. I use ConvertKit, which automatically knows based on a person's IP whether they're located in the EU, so it will only give the double opt-in to them. Many email service providers, including Mailchimp, offer a GDPR feature. They all work a little differently, so do some digging on the platform you use.

If you want to read more into the governing laws for each country and more on the GDPR check out this article from

Where Do I Put It on My Website?

Privacy Policies are generally a hidden page on your website. You'll provide a clickable link in your footer that says "Privacy Policy" that will take site visitors to that hidden page.


When they click that link, it takes them to the hidden page.

Where Do I Get a Privacy Policy?

There are many ways of obtaining a Privacy Policy:

1. Draft it yourself (I don't recommend this)

2. Get a free one online (I don't recommend this either)

3. Have an attorney draft it for you

4. Purchase a Privacy Policy template online (from a trusted source)

As you can see, there are many ways to go about it. I certainly wouldn't recommend the first two options; I only listed them to let you know they're out there.

You can certainly have an attorney draft one for you, though this would probably be the most expensive option. But if you're just getting started and you want an attorney on retainer, or you need some other docs drafted up like filing an LLC or creating a contract, you could go this route.

The one I recommend the most would be option 4, which is to purchase a template online - from a trusted source. My personal favorite for online legal templates is The Contract Shop.

You can buy your Website Privacy Policy & Terms and Conditions here.

The second reason I prefer the legal template route is it's much less expensive than hiring an attorney. And you still get the protection and proper documentation on your website that you need!

What Other Legal Policies Do I Need On My Website?

Now that we've talked allll about your Privacy Policy, I wanted to mention a couple more policies I recommend having on your site.

Terms & Conditions

Website Terms & Conditions outline what the site user, member, or visitor agrees to and understands while interacting with your website. This is also where your copyright language lives.

With this policy, you can tell people what they can and can't do with the content on your site. This is especially helpful with blog, membership and eCommerce websites. You disclose a limited liability for use of the site and lay out the terms and conditions on how they can use their membership and the content on the site.

This policy is not required by law, but I highly encourage you to have one. This policy can also help you limit your liability if someone decides to sue you; this document will be heavily referenced.

Shipping & Returns Policy

If you have an online store, I'd highly recommend having a separate policy for Shipping & Returns. You can also reference this in your Terms and Conditions, but it's nice having a separate page just for Shipping and Returns.

There's a lot to sort through in the Terms & Conditions, so help your site visitors out by providing them with a separate Shipping & Returns Policy page.

You'll add these as separate hidden pages on your website and link to them in the footer, just like you did with your Privacy Policy.

Next Steps

I know that was a lot to take in, but don't wait to take action on this. It is soooo easy to put this off and while chances are it probably won't come back on you - I wouldn't be the one to take that chance.

Resources Mentioned

PS - The Contract Shop has an entire library of legal templates apart from the policies I talked about here. Check out the entire library :)

Until next time...Hang Loose! 🤙🏻



