
Privacy policy
- Customisable to your needs
- Essential for running a legally compliant website
- UK GDPR compliant
This template privacy policy will allow you to set out the privacy information that you are legally required to provide to individuals who use your website. This includes what personal data you process and how you use it. It is also referred to as a privacy notice and it might be produced in a combined document with your cookie policy, or as two separate documents.
This template will help you to comply with your data protection and privacy obligations when you are running a website. It enables you to set out all of the data protection information that you must give to your users. It is a UK GDPR compliant privacy policy, which is suitable only for UK based businesses carrying out data processing activities in the UK. If your business has an office or establishment in an EEA country, or offers goods or services to, or monitors the behaviour of, individuals in the EEA, then following Brexit your privacy notice will also need to comply with the EU GDPR, which is outside the scope of this service.
Because no two websites are the same, you can customise this privacy policy for your purposes whether you sell goods or services online, or if your website simply promotes your business.
You can also purchase this policy as part of the Starting an online business toolkit or the Data protection policy toolkit.
Q&A
When should I use this document?
You should use this privacy policy if you run a website to make sure you provide your users with information about your use of personal data.
This information must be provided to your users at the point at which you collect their personal data so that they know what you will be doing with it.
You should make sure your policy is easy to access - include a hyperlink on your website - and that you draw your users’ attention to relevant parts of it when they provide their personal data to you.
Make sure you keep your policy updated if you change the way you collect or use personal data through your website.
What does this document cover?
This privacy policy provides all of the key information you need to provide to your users about your use of their personal data in a digestible and transparent way. Key terms include:
- what personal data you collect;
- what you do with it, including whether you will share it with any third parties and how long you will keep it for; and
- what privacy rights your users have.
This policy also includes a table for you to complete setting out the different categories of personal data you collect and what your legal basis for doing so is.
Why do I need this document?
Whenever your business collects an individual’s personal data, in order to comply with your data protection obligations, you must provide that person with certain privacy information. This is a legal requirement and you could face serious fines if you don’t comply.
Although the information doesn’t need to be set out in a privacy policy, it’s often easier for your business to set it all out together in one place.
It’s also important for your privacy information to be written in a style and format that your users can easily digest; this privacy policy will help you to do that.
Where can I find out more?
If you want to find out more about privacy policies, or notices, including how to make your users aware of your privacy information, see our guidance on privacy and cookies.
For guidance about what other data protection policies you need for your business, see our guidance on your data protection obligations.
If you want to know what other information you need to put on your website to make sure it’s legally compliant, see our guidance on website content and terms of use, and our template Website terms of use.
For further guidance on how Brexit impacts your data protection obligations, see Introduction to the GDPR.
Related Toolkits
Starting an online business toolkit
- How-to guide: Starting an online business toolkit
Privacy policy
Cookie policy
Website terms of use
Terms and conditions
Cancellation form
VAT invoice
Non-VAT invoice
Quick guide to customer rights in online sales
Checklist of information to include to ensure your website is legally compliant
Small claims toolkit
- How-to guide: Small claims toolkit
Letter before action
Witness statement
Letter of non-attendance for small claims hearing
Redundancy toolkit
- How-to guide: Redundancy toolkit
Redundancy - Letter warning of proposed redundancies
Redundancy - Selection criteria form
Redundancy - Provisional selection for redundancy letter
Redundancy - First individual consultation meeting agenda
Redundancy - Outcome of individual consultation meeting
Redundancy - Invitation to final individual consultation meeting
Redundancy - Final individual consultation meeting agenda
Redundancy - Notice of termination of employment
Redundancy - Offer of alternative employment
Disciplinary toolkit
- How-to guide: Disciplinary toolkit
Suspension letter pending investigation
Disciplinary investigation template
Invitation to attend a disciplinary hearing
Invitation to attend meeting to discuss sickness absence
List of common disabilities
Note taking template for disciplinary proceedings
Basic script for conducting a disciplinary hearing
First written warning for capability
First written warning for misconduct
Final written warning for capability
Final written warning for misconduct
Sickness absence meeting - outcome letter
Dismissal letter
Invitation to attend a disciplinary appeal hearing
Basic script for conducting a disciplinary appeal hearing
Letter to confirm outcome of a disciplinary appeal