Free Privacy Policy Generator
Generate a free privacy policy for your website 

Is the Privacy Policy Generator free?

Yes. The CookieYes Privacy Policy Generator is free to use. You can signup on CookieYes for free and generate a privacy policy for absolutely no cost. If you have any questions, suggestions, or complaints about the privacy policy generator, please get in touch with our support team.

What does the Privacy Policy Generator cover?

To help you stay compliant, our privacy policy template will broadly cover:

• Basic information about your business such as name, website and location
• Information about the kind of personal information that is collected from your users
• The purpose of collecting personal information from your users
• Information on tracking technologies that you may be using, such as cookies
• Information about how users can contact you for data protection or privacy-related purposes

How long does it take to generate a privacy policy?

Our Privacy Policy Generator is quick and simple, you can generate a website privacy policy customized for your business in under two minutes.

Can I download the privacy policy?

You can generate the privacy policy and receive it via email or you may copy-paste the document as text or HTML.

What is a privacy policy, and why do you need one?

A privacy policy is a statement or notice on a website that communicates with your users how it collects, uses, shares, stores, and protects their data. The privacy policy page also mentions the various measures you have taken to comply with the industrial and ethical standards. It also includes how users can change their preferences regarding data collection and use.

Privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) require a website to be transparent about how it processes its users’ personal data (customers and visitors). The users have the right to know how their data is being collected and handled by the website. So, to be GDPR and CCPA compliant, you must add a privacy policy to your website.

Why is everyone updating their privacy policy?

The advent of GDPR resulted in many businesses updating their privacy policy to meet the privacy requirements. The Regulation mandates businesses to be more transparent with their users. The same holds for CCPA. Also, when a business adds new services or third-party vendors or there is a change in their data processing practices, they are liable to update the privacy policy and inform the users about it.

How to write a GDPR & CCPA compliant privacy policy?

While generating a GDPR and CCPA compliant privacy policy for your website, you have to keep in mind some points, such as:

• Split into sections – split the information into different sections so that it is easy for the users to understand and find relevant details.
• Use simple and plain language – avoid complicated legal or technical terms that will confuse people. Write it in layman’s terms.
• Be concise – try to provide the information as clearly as possible and in a few words.
• Easily accessible – place the link to the policy on important parts of the site and wherever relevant.

What information is required in a GDPR privacy policy?

The Art. 13 of the General Data Protection Regulation (GDPR) has listed the necessary information one must provide if they collect personal data from the users. Let’s look at the relevant details that must go into a well-written privacy policy for GDPR compliance.

Information about the website

You must share the website administrator/company’s contact details, such as phone number, mailing address, and email address. Other information like what purpose your website serves can also be provided.

Information about data collection and processing

This section will explain what type of personal data you collect, how and why you collect it, and where you store and share it. It is crucial to mention here that you collect data only after obtaining user consent. There are several ways a website collects data, such as cookies, pixel tags, and forms. You have to explicitly mention all these and explain their purpose. Your users must be aware of why you are requesting their data to make an informed decision.

If you share data with third-party services, that also needs to be mentioned in the privacy policy. Your users must be aware of where their data will be stored and for how long.

The privacy policy must explain all the cookies (necessary and unnecessary) with what purpose they serve and for how long. It must be made clear that the users can refuse/change their cookie consent status for third-party cookies and how they can do it. Alternatively, you can create a cookie policy to add cookie information. In that case, you have to mention the link to it in the privacy policy.

Information about data protection and user rights

Inform your users about the safety measures you have adopted to keep the data safe. Or what they can do from their side to ensure data protection. You must explain how the users can contact you to exercise their rights (and its terms and conditions), such as to access, object to processing, or delete their data from your database. You have to provide information about how they can opt out of your services.

Changes to the privacy policy

The privacy policy may require periodic updations to comply with changing privacy regulations. You must inform the users of all the changes made in the policy along with the new effective dates.

What information is required in a CCPA privacy policy?

For CCPA compliance, the requirements for privacy policy are similar to the GDPR’s. If your website is subject to CCPA compliance, you must disclose the following information in the privacy policy:

• The categories of personal information (same as personal data) collected from the users.
• The categories of sources of collecting the personal information.
• The purpose for collecting or selling personal information.
• The categories of third parties with whom you share personal information.
• The various rights of consumers.
• Contact details or methods to exercise the CCPA rights.

The privacy policy must be updated every 12 months or like GDPR, whenever there is a change in your business practices. There is no standard privacy policy template. You can use your discretion to create it per the GDPR and CCPA standards. Here is a privacy policy template by the UK’s privacy regulator, ICO. Check out CookieYes’ privacy policy.

Where should I place my privacy policy?

Ideally, you should place the privacy policy where the users can easily access it. Most often, your website header or footer is the perfect area to include the policy link.

While requesting consent to collect personal data, you must disclose information about how you intend to use and process the data. Therefore, it is important to add the link in such places, so that they are aware of what happens to their data before consenting. E.g. you can provide the link to the privacy policy on your cookie banner.

What is the difference between a privacy policy and a cookie policy?

A privacy policy discloses general information related to all data processes. On the other hand, a cookie policy discloses about the use of cookies on your website. A privacy policy may also include cookie policy as a specific section. It is up to you to decide whether you want to include the cookie policy in the privacy policy or make a separate page for it. Here are some great examples of a compliant privacy policy: Google, Microsoft, Twitter, WhatsApp, and Amazon.