Skip to content

Respect privacy. Build trust. Grow with confidence.

Create a clear, accurate privacy policy in minutes. Keep your business aligned with legal privacy requirements and inform users how their data is handled.
SixtDouglasZ – Burny GamesHermesDelivery Hero
Start scan
Video Preview
Video Preview

We need your consent to load the YouTube Video service!

We use a third party service to embed video content that may collect data about your activity. Please review the details and accept the service to watch this video.

powered by Usercentrics Consent Management Platform

If you collect any personal information from your users on your website — through forms, analytics tools, or even your website’s chat/messenger UI — having a clear and accessible privacy policy is crucial. Quickly create a custom privacy policy for your website.

Usercentrics Web CMP

Stay up to date with regulatory changes. Collect consented user data and optimize your marketing campaigns with our Google-certified consent management platform.

Usercentrics App CMP

Stay privacy-compliant and grow confidently with our Google-certified CMP for mobile apps and games. Covers the GDPR, CCPA, TCF v2.2, and more.

Usercentrics Server-Side Tagging

Future-proof your online marketing. Gain more control over data flows to third parties with Server-Side Tagging — all while complying with privacy regulations.

2.3 million
websites and apps in 195 countries
7 billion
monthly consents
99%+
customer retention rate
4.3/5
rating on G2

Frequently asked questions

What is a privacy policy?

A privacy policy is a document that states what personal data you collect from your users, why, and how you keep it private. The purpose of the privacy policy is to inform your users about how their data is being handled.

Most countries have privacy laws requiring that websites collecting personal data have a proper privacy policy in place. Failure to comply can result in heavy fines and even prosecution.

Do I need a privacy policy?

You probably do. If your website collects personal data, you need a privacy policy. Most websites collect user data. Often, it happens without the website owner even being aware of it, by means of cookies. If your website is hosted, or if you use plugins, social media buttons, analytics tools and the like on your website, then user data might be processed. Find out if your website uses cookies or online trackers with our free website compliance scanner.

What should my website privacy policy include?

A privacy policy should include the following:

  • Identification of the site owner and contact details
  • Details of the data being collected and its duration
  • The legal basis for data collection and the purpose behind it
  • Specific purposes for which the data is collected
  • Categories of personal information collected from website visitors
  • Third parties which may receive the data
  • Information on cross-border data transfer and related safety measures
  • User rights and how to exercise them
  • Process for notifying users/customers about changes or updates to the privacy policy
  • The effective date of the policy
  • Information on the right to lodge a complaint with a supervisory authority

Depending on the nature of your website or business, your policy may require more information. Your website may also require other policies or legal agreements to be in place.

When do I need to update my privacy policy?

From time to time laws and third-party requirements are amended and updated; it’s important to ensure that your policies meet these latest requirements. You should seek legal counseling to ensure you know when your policy needs to be updated.

Do I need more than a privacy policy?

Yes, depending on your business operations and the regulations you must comply with, a privacy policy may not be sufficient on its own.

For example, if your business is subject to the General Data Protection Regulation (GDPR), you’ll likely need to implement a cookie consent solution to handle user consent for use of tracking technologies.

In many cases, this is best managed with a consent management platform (CMP), which helps you obtain, store, and manage user consent in a legally compliant and user-friendly way.

Beyond that, additional legal agreements may be necessary. Ecommerce websites, for instance, often require a return policy and a shipping policy to set clear expectations for customers.

Likewise, Terms and Conditions — also referred to as Terms of Service or Terms of Use — are important for outlining acceptable use of your website, setting rules for users, and protecting your business from liability.

Do I need a cookie policy if I have a privacy policy?

A separate cookie policy may not be necessary if all the necessary cookie information is already included in your privacy policy. In such a case, your privacy policy should encompass the essential privacy details along with the required cookie information. However, for clarity and to adhere to cookie regulations, maintaining a distinct cookie policy alongside your privacy policy might be preferable. This can ensure readability and compliance with all cookie-related requirements.

What is GDPR privacy policy?

The GDPR privacy policy serves as a public declaration outlining how your online platform handles the personal data of its users and other relevant parties and how data protection principles are applied. You can find detailed guidelines for crafting a privacy policy in Articles 12, 13, and 14 of the GDPR.

What are the privacy policy requirements in Germany?

The privacy policy requirements in Germany, governed by The Telecommunications Digital Services Data Protection Act, (TDDDG) and referencing the GDPR, include the need to provide the controller’s identity and contact details, the Data Protection Officer’s contact details, a detailed description of processing activities and their purposes, information about the data processed, the legal basis for processing, details about special categories of personal data, recipients of the data, usage of third-party services, data transfers to third countries, data storage duration, guidance on exercising Data Subject Rights, consent withdrawal options, complaint procedures, and disclosure of automated decision-making.

What are the privacy policy requirements in Denmark?

In Denmark, the Databeskyttelsesloven (Data Protection Law) incorporates GDPR article 13, stipulating the essential information to be provided to individuals when collecting their personal data. This includes disclosing your identity, contact details, possible Data Protection Officer (DPO) contact information, the purpose and legal basis for processing, legitimate interests if applicable, categories of recipients, data transfer to third countries, the right to object to processing, and categories of personal data if not obtained from the data subject.

Additionally, based on a specific assessment, supplementary details such as guidance on access rights and the right to file complaints with the Danish Data Protection Agency may be necessary.

What are the privacy policy requirements in Portugal?

The Portuguese Data Protection Law, which adapted the GDPR into Portuguese law, and the Article 29 Working Party Guidelines on Transparency together with the GDPR requirements are the key legislations governing privacy policy requirements in Portugal.

The requirements for privacy policy in Portugal are aligned with those of the GDPR. This includes providing detailed information to data subjects and conducting privacy impact assessments where “high-risk” processing is carried out. While there is no strict requirement to provide information in Portuguese, there is a risk that English may not be considered intelligible.

What are the privacy policy requirements in the Czech Republic?

he implementation of the EU’s new legal framework, including the GDPR and the Personal Data Processing Act 2019 (ZZOÚ), modernizes data protection in the Czech Republic. ZZOÚ re-creates a supervisory authority for data protection – the Data Protection Authority (Czech DPA). The GDPR has a direct effect in the Czech Republic, but ZZOÚ provides additional provisions to accommodate national requirements, especially in sections 5 to 15.

The Czech Republic’s privacy policy, in line with GDPR, mandates the inclusion of specific information, such as the controller’s identity and contact details, purpose and legal basis for processing, recipients of personal data, details of international transfers, data storage period, data subject rights, consequences of failing to provide data, and information on automated decision-making and profiling. Controllers must also inform data subjects of any further processing of existing data for a new purpose.

What languages are available for my privacy policy?

 

English, Italian, German, Dutch, with more languages coming soon.

For which data privacy regulations can I generate a privacy policy?

The privacy policy generator supports GDPR compliance, as well as CCPA/CPRA, COPPA and compliance with US state privacy laws, with additional regulations to follow soon.