Where to put a Privacy Policy on your Website?

A Privacy Policy is a legal requirement for any business or website, but where should you put your Privacy Policy on your website?

To be compliant with a number of international laws, including GDPR, CalOPPA and the Australian Privacy Act 1988, your privacy policy is required to be in a prominent, easily located place on your website. Let’s take a quick look at your options.

So what are the best ways for you to comply with this requirement and ensure your users have access to how you handle their personal data?


Privacy Policies and International Privacy Laws

There are a number of international privacy laws which require you to have a privacy policy and to make that privacy policy easily available to your users/customers.

CalOPPA

The California Online Privacy Protection Act specifies that in order to make your privacy policy easily available to your users you should:

  • Use a conspicuous link on your homepage containing the word “privacy.” Make the link conspicuous by using larger type than the surrounding text, contrasting color or symbols that call attention to it.
  • Put a conspicuous “privacy” link on every web page where personal information is collected.
  • Format the policy so that it can be printed as a separate document.

https://oag.ca.gov/sites/all/files/agweb/pdfs/cybersecurity/making_your_privacy_practices_public.pdf

GDPR

The General Data Protection Regulation requires you to make your privacy policy accessible from all pages.

Generally, a privacy notice will be provided in writing and, where appropriate, supplied electronically. Every organization that maintains a website should publish their privacy notice there, under the title “Privacy Policy,” and it should be accessible via a direct link from every webpage. If a website collects any personal data online, the privacy notice or a link to it should be provided on the same page where the data collection occurs.

https://gdpr.eu/privacy-notice/

Australian Privacy Act 1988

The Australian Privacy Act 1988 outlines in its first Privacy Principle that:

An APP entity must have a clearly expressed and up-to-date APP Privacy Policy about how it manages personal information.

An APP entity must take reasonable steps to make its APP Privacy Policy available free of charge and in an appropriate form (usually on its website).

https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-1-app-1-open-and-transparent-management-of-personal-information/

Where to Display your Privacy Policy?

In order to comply with the above International laws, your Privacy Policy needs to be placed in a prominent position on your website and on any page where you collect personal data from your users.

Header Menu

The clearest and most prominent placement of your privacy policy is having it in your header menu. We have placed our privacy policy in the header menu on our website, alongside other important legal documents such as the terms and conditions agreement, as well as the feedback page. The header menu is available from any page on the website and users can easily navigate to read the privacy policy.

Make sure that you have clearly labeled your policy “Privacy Policy” so there is no confusion for users. This clearly meets the requirements for all of the above international laws.

Our Privacy Policy in top navigation

Footer

The footer is the most popular place for websites to put their privacy policy. The footer is also available from any page on your website, which is important when you are complying with international privacy laws.

Freepik Privacy Policy in the Footer

Freepik have placed their Privacy Policy in the footer of their website under the heading “Legal”, which makes it easy to find.

About Us

Another place your privacy policy could be located is in the main menu under the “About us” section. This is a convenient and easily accessible option which, once again, is available on any page of your website.

Checkout Forms

A really easy way to ensure your users can locate your privacy policy is by adding it to your checkout form. This is usually done by placing a check box next to a statement such as “I have read and agreed to the Privacy Policy of this website.” This check box is placed near the pay button and the transaction cannot be processed until the check box is checked. A link to your privacy policy is provided.

The other way in which this is frequently done is by the customer having to agree to the privacy policy by making the purchase, as can be seen in ASOS’s checkout screenshot below.

ASOS privacy policy is linked at checkout.

It is important that your customers are aware of what personal information you are collecting from them, and of your personal data policy, before they unknowingly give you their data. This is a great way of having proof that you have given your customer this information.

Conclusion

There is a common theme amongst privacy laws, and that is you must have a conspicuous, easily accessible privacy policy located on your website. It should be located on any page where you collect personal information from your users. The most common places are:

  • header menu
  • footer
  • about us
  • checkout forms
