Privacy policy

Price:  £10.00(Inc. 20% VAT)(£8.33 Exc. VAT)

A simple privacy policy to help your website comply with data protection legislation, including the GDPR.


We created this website privacy policy template for use in relation to a wide variety of different types of website.

The main purpose of a privacy policy is to help a website operator to comply with information disclosure obligations under the Data Protection Act 1998 and, from 25 May 2018, the General Data Protection Regulation (or GDPR). Failure to comply can lead to civil liability and criminal law penalties. The types of disclosure prompted by this template include the following:

  • details of the categories of personal information that the operator will collect, including specific details where the information is not collected directly from the data subject;
  • information about the uses to which personal information may be put and the legal bases of processing;
  • identifying the persons, and classes of persons, to whom personal information may be disclosed;
  • specifying what (if any) international transfers of personal information may take place;
  • setting out the operator's policies in relation to the retention and deletion of personal information; and
  • identifying the security measures taken by the operator to secure personal information.

All website owners should also have an appropriate terms of use document on their websites.

If you are operating an ecommerce website selling goods, you should consider our ecommerce terms and conditions pack, which includes a privacy policy adapted for ecommerce websites.

  1. Introduction
  2. How we use your personal data
  3. Providing your personal data to others
  4. International transfers of your personal data
  5. Retaining and deleting personal data
  6. Amendments
  7. Your rights
  8. About cookies
  9. Cookies that we use
  10. Cookies used by our service providers
  11. Managing cookies
  12. Our details
  13. Data protection officer
  • Template length: 10 pages
  • Editing notes length: 9 pages
  • Author: Alasdair Taylor

When was this policy updated for the GDPR?

The privacy policy was updated in October 2017, although the GDPR comes / came into force on 25 May 2018.

How does this policy cover both the Data Protection Act 1998 and the GDPR?

An additional GDPR-friendly "Your rights" section is included with the policy, which should be swapped out in May.

The remainder of the provisions have been drafted with the GDPR in mind, but do not conflict with the pre-GDPR law.

Will this template privacy policy ensure that my website is legal with respect to data protection law?

No - a template can't give you tailored legal advice.

Wherever practicable, you should consider whether you need to take specialist advice on data protection. If your website collects "special categories" of personal information (such as information about a person's health, sexuality or political affiliations), or if your website collects personal information from children or about children, you should always take advice.

Ask a question


Customers who bought this item also bought: