If you run a WordPress website, you almost certainly will need a Privacy Policy. This is because if your site collects any personal information, privacy laws require a Privacy Policy, and WordPress requires that you comply with relevant laws when using its platform.
This article will teach you why you need a Privacy Policy for WordPress websites, how to meet Privacy Policy requirements, how to create a Privacy Policy for your WordPress site, and how to display and get agreement to your Privacy Policy once it's written.
Our Privacy Policy Generator makes it easy to create a Privacy Policy for your business. Just follow these steps:
- At Step 1, select the Website option or App option or both.
- Answer some questions about your website or app.
- Answer some questions about your business.
- Enter the email address where you'd like the Privacy Policy delivered and click "Generate."
You'll be able to instantly access and download your new Privacy Policy.
- 1. Why You Need a Privacy Policy for WordPress Websites
- 1.1. WordPress Privacy Policy Requirements
- 1.2. Global and State Privacy Legislation Requirements
- 1.2.1. GDPR
- 1.2.2. CCPA
- 2. How to Create a Privacy Policy for WordPress Websites
- 2.1. What Personal Information You Collect
- 2.2. How You Collect Information
- 2.3. Who You Share Personal Information With
- 2.4. How You Use the Information You Collect
- 2.5. How You Keep the Information You Collect Safe
- 2.6. How Users Can Access or Delete Their Personal Information
- 2.7. Contact Information
- 3. How to Create a Privacy Policy Page on WordPress
- 4. How to Display Your WordPress Website's Privacy Policy
- 4.1. Website Footer
- 4.2. Checkout Page
- 4.3. Account Login Form
- 5. How to Link to a Privacy Policy URL Using Menus on WordPress
- 6. How to Link to a Privacy Policy URL Using Widgets on WordPress
- 7. How to Get Agreement to Your WordPress Website's Privacy Policy
- 8. Summary
Why You Need a Privacy Policy for WordPress Websites
Any time you collect users' personal information, you need to make sure that you have a Privacy Policy in place because privacy laws require this.
Common ways that WordPress websites collect personal information include through the following functions and features:
- Using Google Analytics: If you use Google Analytics to monitor traffic and interactions with your website, you're collecting personal information. Google Analytics uses things like IP addresses and cookies to analyze your site's traffic, both of which are considered to be personal information under privacy laws.
- Allowing comments: A great way to encourage user interaction and make your website more attractive is to allow user comments. However, when a user leaves a comment, personal information like a name and email address is collected. Cookies are also used to remember that user for future comments.
- Having advertisements: Third party advertising programs (such as Google AdSense) operate by collecting behavioral information of your users, which is legally protected information.
- Using contact forms: If you request information like email addresses from your visitors so you can send them email newsletters, you're obviously collecting personal information. Not only will this trigger the requirement for a Privacy Policy, but you should also be getting consent to contact them.
If your WordPress site takes advantage of any of these features, you'll need a Privacy Policy.
If you don't maintain a Privacy Policy on your WordPress websites, you run the risk of violating state and global privacy legislation, which can result in considerable financial penalties.
Having a Privacy Policy on your website is also a great way to help build trust with users, which is essential in creating long-term customers.
WordPress Privacy Policy Requirements
WordPress requires that you comply with state and global privacy requirements when using its services:
In order to stay compliant with WordPress's Privacy Policy requirements, you need to make sure that you are aware of any privacy laws that apply to your business or protect your users' privacy rights.
As noted above, many privacy laws require that you maintain a Privacy Policy on any website that collects users' personal information, as well as provide a way for users to access and delete any information you may have collected from them.
Let's look at some of these laws.
Global and State Privacy Legislation Requirements
It's important to make sure that your WordPress website complies with any applicable legislation in order to avoid penalties in the form of harsh fines.
Some of these laws include:
- The General Data Protection Regulation (GDPR) from the EU
- The California Online Privacy Protection Act (CalOPPA) and the California Consumer Privacy Act (CCPA) from the U.S.
- The Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada
These laws and many others all have reach far beyond the country they originate in. Since your WordPress website is accessible to users around the world, you'll need to comply with these laws by having a Privacy Policy posted, regardless of where you're personally located.
GDPR
The General Data Protection Regulation (GDPR) was adopted in 2016 and is the European Union's (EU) main privacy legislation. The GDPR requires that applicable organizations disclose what personal information is being collected and how it's collected and used, and that they inform users of their rights regarding access and deletion of their personal data, among other things.
In effect, the GDPR requires a Privacy Policy to be displayed by websites that fall within its scope, such as WordPress websites.
CCPA
The California Consumer Privacy Act (CCPA) was signed into law in 2018, and is one of the most comprehensive privacy bills in the United States. The CCPA requires businesses that fall under its jurisdiction to let users know what personal information they are collecting, for what purpose, and how users can access or delete their personal information. It also requires them to give users a way to opt out of the sale of their personal information to any third parties.
If the CCPA applies to you, you will need to display a CCPA-compliant Privacy Policy on your WordPress website.
You should keep informed about local and international privacy laws, and make sure to update your Privacy Policy periodically to reflect any new laws or changes to existing laws.
How to Create a Privacy Policy for WordPress Websites
There are a few different methods for creating an effective Privacy Policy for your WordPress website. The most costly method is to hire a lawyer to do it for you.
Alternatively, you can use TermsFeed's Privacy Policy Generator or free Privacy Policy Template to create a customized Privacy Policy.
When writing your Privacy Policy, you will need to make sure that it is clearly written and easy for the average person to understand. You should avoid using legalese or industry jargon.
There are a few important clauses that you should make sure your Privacy Policy contains to ensure that it meets certain legal requirements, including what personal information you collect and what you do with it, how you collect information, who you share the information you collect with and how you keep it safe, and how users can contact you and access or delete their personal information.
Let's look at how to construct a few of these important clauses.
What Personal Information You Collect
Personal information includes users' names, addresses, phone numbers, birthdays, social security numbers, and credit and debit card numbers among other data that can be used, on its own or with other information, to identify an individual. You should let users know explicitly that you collect their personal information, whether that's directly - such as through a sale or a contact form - or indirectly, such as via a third-party tracking service.
Vogue's User Agreement and Privacy Policy describes the circumstances in which it collects users' personal information:
Be as specific and detailed as possible here for the most legal compliance and transparency.
How You Collect Information
Your Privacy Policy should inform users about the processes you use to collect their information, whether you gather information directly or indirectly, and whether you require users to explicitly consent to the collection of their information.
The City University of New York's (CUNY) Privacy Policy discloses that it collects some specific information via email and online transactions:
Who You Share Personal Information With
Your Privacy Policy should contain a clause that lets users know whether you share the personal information you collect with any third parties, and who those entities are, at least by category.
The Angry Birds Privacy Notice informs users that it shares their data with its service providers and partners, as well as with users of its Services. It lets users know that it may also share their personal information if it is legally required to do so:
How You Use the Information You Collect
Your Privacy Policy should outline the purposes for which you use the information you collect.
Many privacy laws stipulate that you only collect information that is absolutely necessary to the functioning of your business. This means that you need to disclose how you use the information to ensure that you aren't collecting a huge amount of information for no legitimate purpose.
The Village Voice's Privacy Policy lists what it does with users' personal data, including responding to requests and providing necessary services:
How You Keep the Information You Collect Safe
You should make sure that your Privacy Policy covers any steps you take to protect users' personal information.
The Clorox Company's Privacy Policy includes a How We Protect Personal Information clause that lets users know that it makes "reasonable efforts" to protect their information, and reminds users that they are responsible for keeping their passwords secure:
How Users Can Access or Delete Their Personal Information
Many privacy laws require that your Privacy Policy inform users how to access and edit their personal information, along with other user rights.
Rolling Stone's Privacy Policy includes a section on Accessing and Correcting Your Information that tells users what steps they need to take to change their personal information. It lets users know that the only way that they can delete their personal information is by deleting their account and membership, and that certain information stored on backup tapes cannot be deleted:
Contact Information
You should make sure that your Privacy Policy provides at least one way for users to get in contact with you.
Penguin's Privacy Policy includes its mailing address and email address within its About Us clause:
After you have a Privacy Policy drafted and ready to display, it's time to add it to your WordPress website. The first thing you'll need to do is create a separate page on WordPress to host your policy.
How to Create a Privacy Policy Page on WordPress
Follow these instructions on how to create a Privacy Policy page for your website if it's hosted on WordPress. You can download these instructions as a PDF file.
- To start, first log in to your WordPress site.
- Once on the Dashboard page, go to Pages and choose Add New.
- When the page editor opens, type Privacy Policy in the title field.
- Add the text of your Privacy Policy.
  If you do not have a Privacy Policy, use our Privacy Policy Generator and create it within minutes.
  If you generated the Privacy Policy with TermsFeed, go to the Copy your Privacy Policy section and click on the Copy this to clipboard button.
- Go back to the WordPress page editor and paste the generated text of the Privacy Policy.
- When done, click Publish.
Want more?
Check the videos on our YouTube channel to learn how to link pages on WordPress by using Menus and Widgets:
- How to Link to a Privacy Policy URL using Menus on WordPress
- How to Link to a Privacy Policy URL using Widgets on WordPress
Bonus tip:
Download your Privacy Policy in multiple file formats:
Scroll down and click on the "Generate files" button to download your Privacy Policy in multiple formats:
- HTML
- DOCX
- Plain Text
- Markdown
How to Display Your WordPress Website's Privacy Policy
Once you have created your Privacy Policy for your WordPress site and set up a page to display it from, it's important to link it somewhere that people can easily find it. Hiding your Privacy Policy in some obscure area of your website or intentionally making it difficult to find can violate certain privacy laws. Some of the most popular places to put your Privacy Policy are within your website footer and on your checkout and account login pages.
Website Footer
Many businesses put a link to their Privacy Policy within their website footer, as it is a permanent place that users can access no matter what page of your website they navigate to, and it is a common enough practice that people expect to scroll down to find legal links.
Quartz puts a link to its Privacy Policy alongside links to its Sitemap, About page, Accessibility information, Terms of Use Agreement, Advertising information, and Jobs listings links:
Checkout Page
Another good place to put a link to your Privacy Policy is on your checkout page, as it gives users the opportunity to read about how you handle their personal information before they make a purchase.
The Dallas Mavericks checkout page includes a link to its Privacy Policy, as well as links to other relevant legal agreements:
Account Login Form
Putting a link to your Privacy Policy on your account login page or form ensures that anyone who wants to directly give you their personal information has the chance to read it.
The New York Post's account login page includes a statement that users must agree to its legal terms before creating an account, as well as a link to both its Privacy Notice and its Terms of Use:
Let's look at how you can implement some of these best practice display linking techniques in WordPress.
How to Link to a Privacy Policy URL Using Menus on WordPress
Here are instructions for how to link your Privacy Policy page URL in the footer of your website by using Menus and Custom Links on WordPress.
- To start, log in to your WordPress website.
- Under the Dashboard menu, scroll up to Appearances and choose Menus:
- In the Menus editor, under the Menu structure section, type your Menu Name:
- Next, in the section on the left side called Add menu items, click on Custom Links:
- In order to get the Privacy Policy URL link that is hosted on our site you'll need to go to the TermsFeed Generators App and go to the Download page.
- Under the "Link to your Privacy Policy" section, click on the green "Copy" button:
  If you do not have a Privacy Policy you can create one right now by using our Privacy Policy Generator.
- Go back to the Menus Editor and paste your Privacy Policy URL to the URL link field. Type Privacy Policy in the URL text field. Click the Add to menu button:
- Next, check the box next to "Footer Menu" under Menu Settings:
- Click Save Menu:
You're done!
Want more?
Check the videos on our YouTube channel to learn how to link pages on WordPress by using Page and Widgets:
- How to Create a Privacy Policy Page on WordPress
- How to Link to a Privacy Policy URL using Widgets on WordPress
How to Link to a Privacy Policy URL Using Widgets on WordPress
Here are instructions for how to link your Privacy Policy page URL to your WordPress website by using Widgets. You can download these instructions as a PDF file.
- To start, log in to your WordPress website.
- Under the Dashboard menu, scroll to Appearances and choose Widgets:
- In the widget editor, under the "Footer" block, click on the "+" icon:
- When the new block opens, click on Widget Group:
- Click again on the "+" icon:
- Select "Paragraph":
- Next, type the name of your group (for example, "Legal"), and below it name your agreement "Privacy Policy":
- In order to add your URL, you'll need to select it and click on the link icon among formatting options:
- A new field for adding the URL will open:
- In order to get the Privacy Policy URL hosted by TermsFeed, go to the TermsFeed Generator App and then go to the Download page of your Policy & Document.
- Under the "Link to your Privacy Policy" section, click on the "Copy" button:
  If you do not have a Privacy Policy, you can create one right now by using our Privacy Policy Generator.
- Go back to the Widget Editor and paste your Privacy Policy URL in the link field. Then hit Enter to add the link:
- Click the "Update" button:
Want more?
Check the videos on our YouTube channel to learn how to link pages on WordPress by using Page and Menus:
- How to Create a Privacy Policy Page on WordPress
- How to Link to a Privacy Policy URL using Menus on WordPress
How to Get Agreement to Your WordPress Website's Privacy Policy
One of the simplest ways to get consent from users is to include a checkbox that users must tick in order to sign up for an account or access your website. This checkbox should be placed near a statement that makes it very clear that checking the box means the user is consenting to the Privacy Policy.
The most commonly seen and effective way to do this is with an "I Agree" checkbox or some equivalent.
Eventbrite requires those wishing to make a purchase to check a box showing that they accept its Privacy Policy before placing an order:
Summary
WordPress requires that businesses maintain a Privacy Policy on their website if they collect users' personal information.
In order to comply with WordPress Privacy Policy requirements, you should make sure that your Privacy Policy lets users know how you handle their personal information.
There are many state and global privacy laws that you should be aware of and make sure that your Privacy Policy adheres to, as failure to comply with applicable laws can result in significant financial penalties.
You will need to make sure that your Privacy Policy is clearly written and easy to understand. Your Privacy Policy should include certain clauses, such as:
- What information you collect
- How you collect information
- Who you share the information you collect with
- How you use the information you collect
- How you keep the information you collect safe
- How users can access or delete their personal information
- How users can contact you
Once your Privacy Policy has been written, you will need to make sure that you display it somewhere that is easily accessible, such as permanently linked within your website footer and on your checkout and account login pages. It's easy to add a Privacy Policy page to your WordPress website and link to it where needed.
One of the best ways to make sure that users have read and agree to the terms outlined in your Privacy Policy is to include a checkbox that users must tick in order to sign up for an account or access your site.