Where to put a Privacy Policy on your Website?
A Privacy Policy is a legal requirement for any business or website, but where should you put your Privacy Policy on your website?
To be compliant with a number of international laws, including the GDPR, CalOPPA and the Australian Privacy Act 1988, your privacy policy is required to be in a prominent, easily located place on your website. Let's take a quick look at your options.
So what are the best ways for you to comply with this requirement and ensure your users have access to how you handle their personal data?
Privacy Policies and International Privacy Laws
There are a number of International Privacy Laws which require you to have a privacy policy and that the privacy policy be made easily available to your users/customers.
CalOPPA
The California Online Privacy Protection Act specifies that in order to make your privacy policy easily available to your users you should:
- Use a conspicuous link on your homepage containing the word “privacy.” Make the link conspicuous by using larger type than the surrounding text, contrasting color or symbols that call attention to it.
- Put a conspicuous “privacy” link on every web page where personal information is collected.
- Format the policy so that it can be printed as a separate document.
https://oag.ca.gov/sites/all/files/agweb/pdfs/cybersecurity/making_your_privacy_practices_public.pdf
GDPR
The General Data Protection Regulation requires you to make your privacy policy accessible from all pages.
Generally, a privacy notice will be provided in writing and, where appropriate, supplied electronically. Every organization that maintains a website should publish their privacy notice there, under the title “Privacy Policy,” and it should be accessible via a direct link from every webpage. If a website collects any personal data online, the privacy notice or a link to it should be provided on the same page where the data collection occurs.
https://gdpr.eu/privacy-notice/
Australian Privacy Act 1988
The Australian Privacy Act 1988 outlines in its first Privacy Principle that:
An APP entity must have a clearly expressed and up-to-date APP Privacy Policy about how it manages personal information.
An APP entity must take reasonable steps to make its APP Privacy Policy available free of charge and in an appropriate form (usually on its website).
https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-1-app-1-open-and-transparent-management-of-personal-information/
Where to Display your Privacy Policy?
In order to comply with the above International laws, your Privacy Policy needs to be placed in a prominent position on your website and on any page where you collect personal data from your users.
Header Menu
The clearest and most prominent placement of your privacy policy is in your header menu. We have placed our privacy policy in the header menu on our website, together with other important legal documents such as the terms and conditions agreement, and the feedback page. The header menu is available from any page on the website, so users can easily navigate to the privacy policy and read it.
Make sure that you have clearly labeled your policy "Privacy Policy" so there is no confusion for users. This clearly meets the requirements for all of the above international laws.
Footer
The footer is the most popular place for websites to put their privacy policy. The footer is also available from any page on your website, which is important when you are complying with international privacy laws.
Freepik have placed their Privacy Policy in the footer of their website under the heading "Legal", which makes it easy to find.
About Us
Another place your privacy policy could be located is in the main menu under the "About us" section. This is a convenient and easily accessible option, which once again, is available on any page of your website.
Checkout Forms
A really easy way to ensure your users can locate your privacy policy is by adding it to your checkout form. This is usually done by placing a check box next to a statement such as "I have read and agreed to the Privacy Policy of this website." This check box is placed near the pay button and the transaction cannot be processed until the check box is checked. A link to your privacy policy is provided.
The other way in which this is frequently done is by the customer having to agree to the privacy policy by making the purchase, as can be seen in ASOS's checkout screenshot below.
It is important that your customers are aware of what personal information you are collecting from them, and of your personal data policy, before they unknowingly give you their data. This is a great way of having proof that you have given your customer this information.
Conclusion
There is a common theme amongst privacy laws, and that is you must have a conspicuous, easily accessible privacy policy located on your website. It should be located on any page where you collect personal information from your users. The most common places are:
- header menu
- footer
- about us
- checkout forms
Disclaimer
The information in this article is for informational purposes only and should not be construed as legal advice on any matter and does not create a lawyer-client relationship.