Forgotten password?

Privacy policy

This is a website privacy policy template. It may be used in relation to many different types of website.

The main purpose of a privacy policy is to help a website operator to comply with information disclosure obligations under data protection legislation. Across the EU, that means compliance with the General Data Protection Regulation (GDPR). Within the UK, the Data Protection Act 2018, which adapts the GDPR for the UK context, applies. Failure to comply with data protection legislation may lead to civil liability and/or criminal law penalties.

This privacy policy is a shorter version of our privacy and cookies policy document. That document is more flexible than this policy, although at the cost of greater complexity.

To complete this template, you will need detailed information about how you or your organisation uses personal data. For example, you will need to know what personal data is processed, the purposes for which that personal data is used, the persons or categories of persons to whom that personal data may be disclosed and the periods for which that personal data will be retained. You will also need to establish the legal bases of the your processing.

Separate rules regulate the provision of information about cookies, and this document includes optional provisions dealing with cookie-related disclosures. If you retain these provisions, you will need to know the purposes for which cookies and similar technologies are used on your website.

You should consider whether you need to take specialist legal advice on data protection.

If you collect sensitive personal information (such as information about a person's health, sexuality or political affiliations), or if you collect personal information from children or about children, you should always take advice before using this (or indeed any other) privacy policy template. In any case, use of a privacy policy is only one aspect of data protection compliance.

Ask about this document

Privacy policy contents

  1. Introduction: commitment to privacy; document applies to controlled personal data; website privacy controls; consent to use of cookies; data controller name.
  2. The personal data that we collect: introduction to categories; processing of contact data; processing of account data; processing of transaction data; processing of communication data; processing of usage data; processing of other data.
  3. Purposes of processing and legal bases: setting out purposes etc of personal data processing; processing for operations; processing for publications (account data); processing for communications (contact data, account data, transaction data and communication data); processing for direct marketing (contact data, account data and transaction data); processing for research and analysis (usage data and transaction data); processing for record keeping; processing for security; processing for insurance and risk management; processing for legal claims; processing for legal compliance and vital interests protection.
  4. Providing your personal data to others: disclosure of personal data to insurers etc; disclosures of personal data to hosting services providers; disclosures of personal data to subcontractors; disclosure of personal data to payment services providers; disclosure of personal data necessary for legal compliance etc.
  5. International transfers of your personal data: introduction to international personal data transfers; UK to EEA and EEA to UK personal data transfers; international transfers to hosting services provider; international transfers to subcontractors; publication of personal data on internet.
  6. Retaining and deleting personal data: data retention introduction; personal data retention default rule; personal data retention specific rules; personal data deletion exception.
  7. Your rights: introduction to data subject rights list; list of data subject rights; learn more about data subject rights; exercise of data subject rights.
  8. About cookies: what are cookies?; persistent and session cookies; cookies and personal data.
  9. Cookies that we use: purposes for which cookies are used (including shopping cart).
  10. Cookies used by our service providers: use of cookies by services providers; google Analytics cookies; service provider cookies (generic).
  11. Managing cookies: how to manage cookies; negative impact of blocking cookies; effects on website use of blocking cookies.
  12. Amendments: amendment by publication; check for changes to
    ; notification of changes to 
  13. Our details: website operator name; company registration details; place of business; contact information.
  14. Representatives: identity and contact details of EU representative of data controller; identity and contact details of UK representative of data controller.
  15. Data protection officer: data protection officer contact details.
Privacy policy document editor previewPrivacy policy document editor previewPrivacy policy document editor preview
This is a shortened preview of the editor interface; once you create your instance you'll be able to edit the full document in our online editor.
Privacy policy document previewPrivacy policy document previewPrivacy policy document previewPrivacy policy document preview
This is a shortened preview of the DOCX output; once you create your instance you'll be able to download the full document in PDF, HTML, RTF and/or DOCX (Microsoft Word) format.