LogoDocumentation

Writing a privacy policy

All businesses with an online presence that store or process sensitive personal data are required to explain to their visitors how they handle their personal data. You can read about this in the Cookies & GDPR section.

Use our template to create a privacy policy for your online store.

Best practices

Privacy notices should avoid using qualifiers such as "may", "may", "some", "often", etc., as they are intentionally vague. Writing should be in the active voice and sentences and paragraphs should be well-structured, using bullet points to highlight specific points of note. Avoid unnecessary legal and technical jargon.

According to the European Commission's GDPR guidelines, the following sentences are not sufficiently clear regarding the purposes of the processing.

  • "We may use your personal data to develop new services" (as it is not clear what the "services" are or how the data will help us develop them)
  • "We may use your personal data for research purposes" (as it is not clear what kind of "research" is being referred to)
  • "We may use your personal data to offer personalized services" (as it is not clear what "personalization" entails)

Από την άλλη, αυτά τα είδη φράσεων είναι πολύ καλύτερα:

  • "We will retain your purchase history and use the details of the products you have purchased in the past to make suggestions to you about other products that we think you may also be interested in" (it is clear that, the types of data that will be processed and the data subject will be subject to targeted product advertising and that their data will be used to enable this)
  • "We will retain and evaluate information about your recent visits to our website and how you move around different parts of our website for analytical purposes, to understand how users use our website in order to make it more intuitive" (it is clear what type of data will be processed and what kind of analysis the controller is going to undertake)
  • "We will keep a record of the articles on our website that you have clicked on and will use this information to target advertising on this website to you that is relevant to your interests, which we have identified based on the articles you have read" (it is clear what personalisation entails and how the interests attributed to the data subject are determined)

Privacy policy template

[Our Company] is a member of the [Our Company Group], which includes [Our International Company] and [Our Company Direct]. This privacy policy explains how our organization uses the personal data we collect from you when you use our website.

What data do we collect?

Our Company collects the following data:

  • Personally identifiable information (First name, last name, email address, etc.).
  • [Add any other data your company collects]

How do we collect your data?

You provide our Company with most of the data we collect directly. We collect data and process data when:

  • Register online via the platform's free trial form.
  • Provide feedback in any of our messages or via email.
  • Use or view our website via browser cookies.
  • Send an email via the contact form.
  • [Add other ways your company collects data]

Our Company may also receive your data indirectly from the following sources:

  • [Add any indirect data source from your company]

How will we use your data?

Our Company collects your data so that we can:

  • Create your online store and manage your account.
  • Process your order.
  • Send you emails with updates and information that we think you might like.
  • [Add how else your company uses the data]

If you agree, our Company will share your data with our partner companies so that they can offer you their products and services.

  • [List the organizations that will receive the data]

When our Company processes your order, it may send your data and also use the information obtained from credit reporting agencies to prevent fraudulent purchases.

How do we store your data?

Our Company stores your data securely [insert location and describe the security precautions you have taken].

Our Company will retain the data for [insert period]. Once this period has expired and if you do not use our service, we will delete your data by deleting it from the database.

Marketing

Our Company would like to send you information about our products and services that we think you would like, as well as those of our partners.

  • [List the organizations that will receive the data]

If you have agreed to receive updates, you can always opt out later. You have the right at any time to prevent our Company from contacting you for marketing purposes.

What are your data protection rights?

Our Company would like to make sure that you are fully aware of all your data protection rights. Each user is entitled to the following:

The right to access - You have the right to ask our Company for copies of your personal data. We may charge you a small fee for this service.

The right to rectification - You have the right to ask our Company to correct any information that you believe is inaccurate. You also have the right to ask our Company to complete the information you consider incomplete.

The right to erasure - You have the right to ask our Company to erase your personal data, under certain conditions.

The right to restriction of processing - You have the right to ask our Company to restrict the processing of your personal data under certain conditions.

The right to object to processing - You have the right to object to the processing of your personal data by our Company under certain conditions.

The right to data portability - You have the right to ask our Company to transfer the data we have collected to another organization or directly to you, under certain conditions.

If you submit a request, we have one month to respond to you. If you wish to exercise any of these rights, please contact us by phone at [phone number] or send us a message at [contact form or email address].

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

For more information, visit allaboutcookies.org.

How do we use cookies?

Our Company uses cookies in a variety of ways to improve your experience on our website, including:

  • Keep you logged in to your account.
  • Understand how you use our website.
  • [Add any uses your company uses for cookies]

What types of cookies do we use?

There are different types of cookies, however our website uses:

  • Functionality - Our Company uses these cookies to recognize you on our website and remember the preferences you have previously selected. These could include your preferred language and your location.
  • Google Analytics - Our Company uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed, and information about your browser, device, and IP address.
  • [Add any other types of cookies your company uses]

How to manage cookies

You can set your browser not to accept cookies, and the above website will tell you how to remove cookies from your browser. However, in some cases, some of the features of our website may not work as a result.

Privacy policies of other websites

Our Company's website contains links to other websites. The privacy policy applies only to our website, so if you click on a link to another website, you should read its own privacy policy.

Changes to the privacy policy

The Company keeps its privacy policy under regular review and posts any updates on this website. This privacy policy was last updated on [insert date].

How to contact us

If you have any questions about our Company's privacy policy, the data we hold on you or would like to exercise one of your data protection rights, please do not hesitate to contact us.

  • Send us an email at: [email address]
  • Call us: [phone number]