Do I need a privacy policy statement on my website?

Three businesswomen looking at laptop and smiling as they have confirmed the privacy policy statement on website

If you’re building a site which requires people to give you their personal details, it is now required by law for you to provide a privacy policy statement. This is especially important if you’ve built a website with an ecommerce platform, as you are handling sensitive payment information and people need to be reassured that their details won’t be misused by your site. 

However, even if your website doesn’t take payments over the internet, but still requires people to give you their phone number, email address, home address etc then you still must include a privacy policy statement.

This is covered in EU law under the General Data Protection Regulation (GDPR), as well as a UK Act of Parliament: the Data Protection Act 2018 (DPA). A privacy policy statement isn’t just to look professional: the penalties for breaching someone’s privacy rights can be up to 4% of your global revenue, or €20 million – whichever is the highest. Don’t worry if you’re worried you might write an incorrect privacy policy statement: we’ve broken down how to tackle it, so you can build your own website stress-free!

What is a privacy policy statement?

A privacy policy statement is a written statement that details how your company uses and manages a customer’s details. It is necessary if you’re collecting personal information from your site visitors, and it needs to be clearly visible on your site, as well as on a mobile app if you have one. 

Covered under both EU and UK law, a privacy policy statement is legally binding: you must tell your site visitor what kind of information you’ll be gathering from them, what you’ll do with these details, and how you’ll keep them safe. Not only does the law state that you must display this notice, but you also must not breach any of its regulations. This ensures the privacy of your site users is protected, and you can’t use their personal information for other purposes without their consent.

Why do you need a privacy policy statement?

Whilst you need to include a privacy policy statement when building your site as you are legally bound to do so, it also is important from a marketing perspective. If you have an ecommerce platform, then people are not going to want to give you their personal details without being reassured that they are completely protected. 

If you have an online store, then people aren’t going to put in their credit card details if they think there’s any risk of you stealing this information, meaning you’re less likely to sell products online. 

Personal information doesn’t just mean card details: it can include even seemingly trivial details, such as an email address. Without a privacy policy statement, a site user may be unsatisfied that their email address will be properly protected, thus deterring them from giving you this information. This means you can’t add them to your mailing list, barring you from sending them emails about the latest deals and updates to your website. 

How to structure it 

Don’t worry – you don’t have to trawl through the GDPR and the DPA to try to work out how exactly to structure your privacy policy statement. There are plenty of free resources to use online which can help you: SEQ Legal has an easy-to-follow template that you can download for guidance, or for official guidance, the EU template can also be downloaded for free. Of course, you’ll have to edit some of the details so that it’s relevant to your business, but it is a handy guide to refer to if you’re not sure where to start. 

If you need a breakdown of the language used, then the EU has produced a guideline to the wording. If you want to read the legislation to see the exact wording in the legislation, then read Articles 12, 13 and 14 of the GDPR. 

According to the GDPR, a privacy notice must be:

  • Written in concise, legible language 
  • Written in clear and unambiguous language, with special care taken if the site is directed to a child
  • Provided for free

When building your site, you’ll want a website builder that is easy to use, but still delivers stunning website designs for a professional result. Go Sitebuilder includes an ecommerce platform within our bundle, making us one of the cheapest website builders with this feature in the UK. Don’t let creating a privacy policy statement deter you from building your dream website; once you’ve downloaded one of the free web design templates, Go Sitebuilder makes everything all the more simple – try it today, with our free 14-day trial!