You are required to have a Privacy Policy page on your website if you are gathering user’s personal data in any way. This is the case for almost every website. The two most common ways that a website gathers personal data are; forms that allow visitors to enter information and analytic tools to track visitors.

What content should a Privacy Policy page consist of?
The content required on a Privacy Policy page will vary from one business to another. If you were hoping that you could just copy someone else’s Privacy Policy and change the Company Name to your own…You’re out of luck I’m afraid.

You’re also out of luck if you’re hoping to just pay someone else to write your Privacy Policy and make the problem go away. Creating the Privacy Policy is one thing, but the real time-consuming part is what goes on behind the scenes.

You need to think about all of the information that your company collects. You then need to put processes in place to handle the information correctly. These processes need to be in line with the General Data Protection Regulation (GDPR) enforceable by 25th May 2018.

If you’re still hoping that you can avoid dealing with any of this, you’ll need to consider hiring a Data Protection Officer or appointing a current employee as your Data Protection Officer.

How we went about creating our Privacy Policy
WordPress now provides a Privacy Policy Guide. This can be viewed via the WordPress administration area. Go to Settings/Privacy and then click “Check out our guide”. We’ve saved this guide as a downloadable PDF for the purposes of this article.

There are many guides available online, but due to our website having been built using WordPress, it made sense to base our Policy on their guide. However, the ICO are the regulators for the General Data Protection Regulation (GDPR) in the UK, so it was important to cross-reference any of the advice in the WordPress Privacy Policy Guide with the information on the ICO website.

There is a lot of information regarding the General Data Protection Regulation (GDPR) on the ICO website, but we would start here, followed by their examples of good and bad privacy notices.

Finally, WooCommerce has provided six very good articles that cover the latest changes to the General Data Protection Regulation (GDPR). If you’re still confused by it all, we’d recommend reading “Web Privacy And WordPress GDPR Compliance – The Definitive Guide“.