At aprompt, we love making great looking secure websites for our customers, but data privacy and “legal stuff” is important for any professional business and this has to be addressed.

Here’s our ultimate guide to making sure you have the right privacy policy for your website:

Do I need to have a privacy policy on my website?

Yes, you will need a website privacy policy. The law has evolved considerably in recent years with the arrival of GDPR (which stands for General Data Protection Regulation) to ensure that digital personal data is protected.

The law currently requires that you have a privacy policy or similar wording on your website to cover anything that’s related to personal data - and that includes if you are tracking visitor activity via Google Analytics (which would require you to include a Cookie Notice within your Privacy Policy) as well as any information that you have requested, for example, on your enquiry forms within contact pages.

This applies to all business websites from simple CMS websites and eCommerce websites to a one page website or landing page. And the same applies whether you’re using a website template or a custom website design.

You might want to find out more about GDPR by reading one of our earlier blog posts: What is GDPR

What to write in a privacy policy

Unless you are an expert in law, writing a privacy policy can be quite daunting and the wording needs to be tailored to your business and your processes.

If you use your website for lead generation to create sales, for example, then it needs to include what you will do with their contact details. Similarly, eCommerce websites need to cover data privacy when someone is ordering products online.

While some web designers and eCommerce website developers might provide a template for your privacy policy, there are also plenty of websites offering services to help you create your own wording for a relatively low cost.

Before using any third-party services to make your own privacy policy, we recommend visiting the ICO website which provides valuable advice on what to write in a privacy policy.

Where should the privacy policy be positioned on a website?

Your privacy policy should be easily accessible to anyone visiting your website, especially when you are requesting data on your contact form - or when capturing personal information to place an order on eCommerce websites.

When someone visits your website for the first time, and you use tracking software such as Google Analytics, the cookie notification should also include access to your privacy policy.

Other factors to consider with your privacy policy:

Although your privacy policy should be easily accessible, this doesn’t mean it should dominate your website or brand messaging. At aprompt, we work with businesses to ensure that website visitors enjoy their online experience, while still being able to access the privacy policy easily.

It’s important to work with a web design company that knows how to get the right balance between having a great-looking website that’s easy to use and having a website that protects the privacy of its visitors.

You have written your privacy policy, now what?

Once you have written your privacy policy, it’s important to check it properly to make sure it covers all elements of the way that you handle data. You might also want to get it checked by a solicitor.

How to copy a privacy policy

Please make sure you do not copy someone elses privacy policy. Each business is different and if you copy a websites privacy policy then it might not match your policies or even the laws of the country you’re doing business in. So you will have to write it yourself or you can get help from the ICO 

Adding privacy policies to websites

Your privacy policy then needs to be added to your site. Send the privacy policy to your website designer so that they can add it to your website. Or if you have an editable website from us, you’ll be able to add a page and add the content yourself within minutes

Make sure to review your privacy policy regularly - as well as when any changes are made to the regulations! If you make changes to your business processes then you might also need to update your policy to reflect what you are doing with personal data.

Web designers and eCommerce website developers are unlikely to be aware of any changes that you have made to your internal processes so don’t rely on them to prompt you to make changes.

If you need to make changes to your policy after reviewing it, get in touch with your web design company immediately so that they can update the website, or just log in to your admin area to make the changes if you have a custom website design from aprompt.

Need further help with your privacy policy?

If you need a new website or are considering updating your current site then aprompt can help. We work with clients to make sure that their websites attract new visitors and that their sites are GDPR compliant.


Give us a call on 01249 448 139 today to find out more.