How to generate your privacy policy
The process is simple and quite easy:
- Create and customize your privacy policy: It is important to create a document that reflects all your data processing activities. Your policy will not look like another company’s because it should fit your unique business situation. Make sure you have generated a comprehensive privacy notice that mentions all legally required texts and all technologies that collect data on your website. The cookie policy is generated automatically – for this you need to activate it, see how: Cookie Management Tool [Introduction and First Steps].
- Add the privacy policy to your site: Once you have created the document, it is time to install it on your website. According to legal requirements and common practice, the link to the cookie and privacy policy must be visible and easily accessible. With GDPR Protect, you have different integration methods to choose from to make this process easier!
- Update and refine your policy as needed: This is one of the main reasons to use the generator, because it allows you to dynamically integrate your policy and update it at any time. As privacy laws and your website change, you will need to add new clauses or technologies. With GDPR Protect, you can do this quickly and easily.
1. Create and customize your privacy policy
Your privacy policy should be adapted to the data collection practices of your site or app. This is done by adding a service.
Services generally fall into two categories:
- Services related to your own data collection activities (e.g. contact forms)
- Services related to third-party data collection activities (e.g. Google Analytics)
Use the Site Scanner tool, which allows you to quickly inspect your site in real time and identify which services you need to add to your policy. Keep in mind that while our scanner is powerful, it can only scan technologies that are directly integrated into your pages. Therefore, you will need to manually add clauses related to data processing activities such as sending newsletters.
When trying to figure out which essential services to add to your policy, you might ask yourself the following questions:
What user data do I collect myself and how do I collect it?
Example: newsletter forms, contact forms, comment systems.
Which third-party services do I use on my site/app?
These services are likely to also process user data in some way and should therefore be included in your policy. Some common examples are:
- Social media widgets (e.g. Facebook like/share buttons, Twitter tweet button, Pinterest “pin it” button);
- External account access services: services that allow access to a user account on another platform (e.g. access to a Facebook account, access to a Twitter account);
- Payment processors (e.g. Stripe, PayPal);
- Tracking and analysis tools (e.g. Google Analytics, Piwik, WordPress Stats).
If you use tracking, you will need to add a cookie banner and implement a cookie management solution on your site:
- Email marketing and newsletter management software (e.g. Constant Contact, MailChimp, Mad Mimi, AWeber);
- Digital marketing and advertising services (eg Google Adsense, Google Ads, AdButler).
For what purposes do I collect this data?
In most cases, the purpose of data collection is standard and automatically included in the added services. However, when generating your privacy policy, there may be cases where you need to add additional clarifications. Some common examples are:
- Selling goods and services online;
- Direct email marketing (monetizing your newsletter or promoting third-party products and services).
You can easily add custom services by simply filling out the built-in form.
2. Add a privacy policy to your site
Once the privacy policy is ready, it needs to be added to the site. This is done using the embed code we provide you.
You can make the privacy policy available on your site/app in the following ways:
- as a button with a modal window (included in the standard free version);
- as a direct link (for example, for App Stores);
- or as a direct embed on the site (which displays your privacy policy as part of your website).
3. Update your policy as needed
We constantly monitor key legal regulations and automatically update your policy to keep it valid and up-to-date. However, if you need to manually update your personal information, contact details, custom clauses or add additional services, you can simply log back into your iubenda dashboard and make the changes at any time.
