• Web Design
  • Graphic Design
  • Our Work
  • About
  • Blog
  • Contact

What do you need in your Privacy Policy?

What do you need in your privacy policy? Adventure Graphics can guide you through it

Under the privacy laws if you request, keep and process personal data you will need a privacy policy, but what do you actually need in your privacy policy?


Although you might not think you do process personal data initially, every business does somehow.

  • If you have employees, you store and process personal data.
  • If you have an enquiry form on your website, you hold and process personal data.
  • If you keep customer records, you hold and use personal data.
  • If you use Google Analytics, you are handling personal data.

It’s pretty safe to say your business will need a privacy policy.

The thought of a privacy policy can seem quite daunting. It is not about blinding consumers with legal technicalities though. It’s the complete opposite.

Essentially, your privacy policy needs to be transparent and honest. It’s about moving away from this ‘cloak and dagger’ world of holding onto personal information.

And it’s not just about what you need in your privacy policy, it’s about how you include it.

The Information Commissioner’s Office (IOC) states, in its framework, that privacy policies should be written in easy-to-understand, human language. It shouldn’t read like a lawyer has written it. It should read like a responsible, open person has written it.

So what exactly do you need in your privacy policy the following items, but you need to have it truthfully and in layman’s terms so that it is easily accessible to the reader:

  • What is personal data?
  • What personal data do you collect?
  • How do you obtain this data?
    • Information given by the individual, e.g. enquiry forms, email subscription
    • Information collected from the individual, e.g. cookies, analytics
    • Information from third parties
  • Why do you collect this data?
  • Why can you hold this data?
  • How long you keep this data?
  • Who uses the data?
  • How do we protect your data? E.g. internal systems, secure servers, SSL certificates, a 2-tier password system
  • Who do we share your information with?
  • What rights do you have?
    • Right to be forgotten, e.g. opt-out methods
    • Right to request copies of information
    • How they can request information

If you follow the above structure, you will have everything you need in your privacy policy.

If you want some help though, get in touch. We help all our website clients work out what they need in their privacy policy and have a template for them to use. Happy to help you too.

Share this post