Privacy Policy Checklist

privacy policy

To collect and process users’ data, you need to create a Privacy Policy section on the site. In this article, we will explain what a privacy policy is and why you need it.

What Is the Privacy Policy

The site owner takes from each visitor consent to the collection, processing, and storage of personal data. It is difficult to sign a document on paper when you deal with an eCommerce privacy policy. And because of this, the site will lose all visitors. Therefore, there is an easier way — a privacy statement for the website. Customer privacy policies specify what information is collected and for what purpose. To create a privacy policy for the website, you can address

How to Implement the Privacy Policy

You need to follow such steps:


  1. Compose a document. Prepare the privacy policy as a separate document. You can also include the rules for processing personal data in the user agreement if you work according to them.
  2. Post your privacy policy on the site. The user must be clear about what he agrees to. When he fills out a form or registers, show him the link to the privacy policy. When you visit the site — warn that you process cookies. Usually, the privacy policy is hidden in the footer so that the link does not distract from the content of the site.
  3. Take care of data protection. Taking consent from site visitors is not enough. It is important not to transfer information to third parties and physically protect it from leakage. Set passwords for computers and servers where you store information.

Key Points of the Privacy Policy Document

The document should include the following items:

  • Definitions of terms. Automated processing, depersonalization of information, cross-border transfer — only part of the terms from the document. For visitors to understand what they mean, operators decipher them at the beginning of the PP.
  • Operator information. Specify the name of the operator — an individual or organization that works with personal information. If the data about the operator changes, do not forget to update the PP on the site promptly.
  • Reasons for obtaining data. List the documents that allow the processing of personal information: user agreement, links to regulatory legal acts, and so on. Add an action that permits the user to allow the collection of data. For example, offer to check the box next to the relevant notification.
  • Purposes for collecting information. Explain why the site collects user data. For example, an online store is for placing orders and receiving marketing mailings, an information blog is for registering a personal account, and a company website is for personalizing content.
  • The types of data that the operator collects. List any information the site asks users for or tracks through cookies. Do not include all kinds of personal information in this section just for show. For example, collecting users’ home addresses when registering on an online course site doesn’t make sense.
  • The order of use. Explain how the operator works with the information received: collects, stores, refines, systematizes, or deletes data. List all actions so that users do not doubt the PC.
  • Ensuring the security of information. Explain how the operator protects data received from site visitors: uses anti-virus programs and does not transfer information to third parties. Notify users that they have the right to withdraw consent to the processing of data, and tell them what to do for this, for example, send a written statement.
  • Biometric data. Not all companies work with biometric data, but if they use them, then there should be an appropriate section in the regulation. It indicates the procedure for obtaining consent from the subject for the processing of information.
  • Cross-border transfer. If the site operator transfers user information to individuals or organizations abroad, then an additional section is included in the policy. It defines the grounds and procedure for data transfer.

Most sites contain a Privacy Policy section. This is an inconspicuous link that is usually placed in the footer of the page. Site owners place it for a reason: they protect themselves from fines and blocking. Take care of it, too, if your site has a shopping cart or contact form.

To Top

Pin It on Pinterest

Share This