Data Processing Agreement (DPA) Template
Use our free Data Processing Agreement (DPA) template to outline how data is handled between you and your data processor
Create a tailored Privacy Policy, Terms & more in under 5 minutes.
While using a template is a perfectly acceptable way to create a privacy policy, you can never be sure of compliance. A privacy policy generator will get the job done in a fraction of the time and with less room for human error.
If you like simplicity, give ours a go. After asking you a few quick questions, our generator will create any of the legal documentâs your business requires.
Trusted by 500k customers. Unlimited policy edits. 100% money-back guarantee.
Try our privacy policy generator
Your privacy is important to us. It is [Company name]‘s policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, [Website URL], and other sites we own and operate.
Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use a website or online service.
In the event our site contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of your activities after you leave our site.
This policy is effective as of [Date policy is uploaded to your website]
Last updated: [Date last updated]
Information we collect falls into one of two categories: âvoluntarily providedâ information and âautomatically collectedâ information.
When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your deviceâs Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit.
Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened, and other technical information relating to the problem. You may or may not receive notice of such errors, even in the moment they occur, that they have occurred, or what the nature of the error is.
Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.
When you visit our website or interact with our services, we may automatically collect data about your device, such as:
Data we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.
We may ask for personal information â for example, when you submit content to us or when you contact us â which may include one or more of the following:
We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.
We may collect personal information from you when you do any of the following on our website:
We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:
We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources. For example, Our marketing and market research activities may uncover data and insights, which we may combine with information about how visitors use our site to improve our site and your experience on it.
When we collect and process personal information, and while we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification.
Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is 100% secure and no one can guarantee absolute data security.
You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services. For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.
We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. For example, if you have provided us with personal information as part of creating an account with us, we may retain this information for the duration your account exists on our system. If your personal information is no longer required for this purpose, we will delete it or make it anonymous by removing all details that identify you.
However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.
We may disclose personal information to:
The personal information we collect is stored and/or processed in Australia, or where we or our partners, affiliates, and third-party providers maintain facilities.
The countries to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this privacy policy.
Your choice:Â By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of our website or the products and/or services offered on or through it.
Information from third parties:Â If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such personâs consent to provide the personal information to us.
Marketing permission:Â If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.
Access:Â You may request details of the personal information that we hold about you.
Correction:Â If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.
Non-discrimination:Â We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example providing user support), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services.
Downloading of Personal Information:Â We provide a means for you to download the personal information you have shared through our site. Please contact us for more information.
Notification of data breaches:Â We will comply with laws applicable to us in respect of any data breach.
Complaints:Â If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
Unsubscribe:Â To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details provided in this privacy policy, or opt-out using the opt-out facilities provided in the communication. We may need to request specific information from you to help us confirm your identity.
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information.
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.
If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.
If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.
The following section includes provisions that comply with the privacy laws of these states (California, Colorado, Delaware, Florida, Virginia, and Utah) and is applicable only to the residents of those states. Specific references to a particular state (in a heading or in the text) are only a reference to that state’s law and applies only to that state’s residents. Non-state specific language applies to all of the states listed above.
Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. At this time, we do not respond to browser “Do Not Track” signals.
We adhere to the standards outlined in this privacy policy, ensuring we collect and process personal information lawfully, fairly, transparently, and with legitimate, legal reasons for doing so.
Under California Civil Code Section 1798.83, if you live in California and your business relationship with us is mainly for personal, family, or household purposes, you may ask us about the information we release to other organizations for their marketing purposes. In accordance with your right to non-discrimination, we may offer you certain financial incentives permitted by the California Consumer Privacy Act, and the California Privacy Rights Act (collectively, CCPA) that can result in different prices, rates, or quality levels for the goods or services we provide. Any CCPA-permitted financial incentive we offer will reasonably relate to the value of your personal information, and we will provide written terms that describe clearly the nature of such an offer. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Under California Civil Code Section 1798.83, if you live in California and your business relationship with us is mainly for personal, family, or household purposes, you may ask us about the information we release to other organizations for their marketing purposes. To make such a request, please contact us using the details provided in this privacy policy with âRequest for California privacy informationâ in the subject line. You may make this type of request once every calendar year. We will email you a list of categories of personal information we revealed to other organisations for their marketing purposes in the last calendar year, along with their names and addresses. Not all personal information shared in this way is covered by Section 1798.83 of the California Civil Code.
In the past 12 months, we have collected the following categories of personal information enumerated in the CCPA:
For more information on information we collect, including the sources we receive information from, review the âInformation We Collectâ section. We collect and use these categories of personal information for the business purposes described in the âCollection and Use of Informationâ section, including to provide and manage our Service.
You have rights to delete your personal information we collected and know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us:
To exercise any of these rights, please contact us using the details provided in this privacy policy.
In addition to the rights discussed above, you have the right to request information from us regarding the manner in which we share certain personal information as defined by applicable statute with third parties and affiliates for their own direct marketing purposes.
To receive this information, send us a request using the contact details provided in this privacy policy. Requests must include âPrivacy Rights Requestâ in the first line of the description and include your name, street address, city, state, and ZIP code.
For any questions or concerns regarding your privacy, you may contact us using the following details:
[Contact name]
[Contact details]
A privacy policy is a legal document that provides transparency around how an organization handles personal information. It details what personal data the organization collects, how they collect it, how they use it, where they store it, and whether they share the data they collect with third parties or keep it confidential.
Yes, it is mandatory. A Privacy Policy is a mandatory requirement for all websites operating in California that collect personal data. Whether you run an e-commerce store, a blog, or any other type of website, if you collect any form of personal information from your visitors, having a Privacy Policy in place is not just a good practice; itâs a legal requirement.
For websites operating in California, compliance with the California Consumer Privacy Act (CCPA) and other relevant state and federal laws is crucial. Here are three key reasons why having a Privacy Policy is imperative:
Creating a Privacy Policy for your California website involves compliance with various legal requirements.
For businesses operating in, or collecting personal data from, citizens of California, Colorado, Delaware, Florida, Virginia, and Utah, youâll need to add a few clauses to your privacy policy.
Some browsers have a âDo Not Trackâ feature that lets you tell websites that you do not want to have your online activities tracked.
While this isnât widely supported yet, youâll still need to state whether or not your website has the ability to stop tracking when it sees a âDo Not Trackâ signal. If not, you can say something along the lines of âAt this time, we do not respond to browser âDo Not Trackâ signals.â
California residents have specific privacy rights under CCPA/CPRA, including the right to know about data sharing for marketing and the possibility of financial incentives in exchange for personal information. Youâll need to include a few points addressing this.
Youâll need to include a list of the different categories of personal information youâve collected in the past 12 months as per the CCPA/CPRA requirements.
Youâll need to disclose all California residentsâ rights to request information about how their data is collected, used, and shared, as well as their right to request deletion of personal information as per the CCPA/CPRAâs transparency requirements.
This section addresses California Civil Code requirements for businesses to disclose how they share personal information with third parties for direct marketing purposes