- Add information about your business: your website and/or app.
- Select the country:
- Answer the questions from our wizard relating to what type of information you collect from your users.
- 3.1. 1. Breach of Copyright
- 3.2. 2. Compliance Issues
- 3.3. 3. Inaccurate Legal Terms
- 3.4. 4. Failure to Address Actual Business Needs
- 3.5. 5. Damage to Your Reputation
- 5. Conclusion
- What type of data you collect
- Why you collect this data
- What you do with this data
- Who you share the data with
- What privacy rights people have
- How people can exercise those rights
If you'd like a fuller explanation of what Privacy Policies are, read our comprehensive introduction to Privacy Policies.
Yes. If your business processes any personal data, even if it's just a visitor's name or IP address, then privacy laws around the world require you to provide a document explaining why you collect that personal information and how it's used.
1. Breach of Copyright
Here is an example from New York University:
However, when it comes to fair use, there's a risk that the copyright owner will challenge your use of the content in any way, even if you make enough changes that you're not simply copying it word-for-word. What's more, to rely on fair use, you should be crediting the original creator or at least declaring that you're using the content under fair use provisions.
2. Compliance Issues
- Where your business is based
- What type of data you process, and
- Where your customers are located
- Your legal basis for processing personal data
- The rights people have, for example, the right to be forgotten
- How people can exercise their privacy rights
Here's an example from Gym+Coffee of what such a section might look like:
3. Inaccurate Legal Terms
For example, maybe you have a dating app or website. You need clauses which address matters such as the data you might collect to verify a user's age and how you stop minors from using your services.
Here's an example of such a clause from dating app Bumble:
4. Failure to Address Actual Business Needs
Say you're a medical services provider. You have different processing needs, compliance requirements, and privacy considerations than, say, a gaming app developer.
As an example, healthcare businesses often process large volumes of sensitive data such as medical records. You'll need very strict security processes and specific clauses addressing how you handle sensitive data.
Here's how Bumble does this:
5. Damage to Your Reputation
- If you're sued for copyright infringement, investors may be unwilling to fund your business as they will be concerned about how much it might cost to settle the lawsuit, or if such a costly violation will occur again. You will become a risk versus an asset to investors.
- Other business owners may be reluctant to recommend you or partner with you if you're involved in copyright disputes or there's any concern over your data processing practices. Your reputational damage can trickle over to them.
Whether you're an app developer or you run an online store, there's a huge amount of competition out there. To grow your business and build a loyal customer base, you must do everything possible to create a reputable brand image.
- Use a template and other Privacy Policies for example clauses
Let's consider each approach in turn.
You can also take inspiration from existing Privacy Policies to help guide your own drafting.
You can take inspiration about the use of bullet points and bold font, as well as get an idea of the scope of what information other businesses are collecting and disclosing.
Etsy, for example, requires users to be 18 or over, and the company doesn't knowingly sell personal data that belongs to minors. So, you might identify the points Etsy covers in this clause and use them as a compass for writing your own similar clause:
- Taking whole clauses and using them in your Policy without changing any wording.