- Add information about your business: your website and/or app.
- Select the country:
- Answer the questions from our wizard relating to what type of information you collect from your users.
- 1. What is Dropshipping?
- 3.1. Introduction
- 3.2. Contact Details
- 3.3. Jurisdiction
- 3.4. Consumer Privacy Rights
- 3.5. Personal Data Collected
- 3.6. How You Collect Personal Data
- 3.7. Purpose of Data Collection
- 3.8. Third Party Sharing and Tracking
- 3.9. Links to Other Policies
- 3.10. Privacy Law Compliance
- 4.1. Website Footer
- 4.2. Points of Data Collection
- 4.3. Within Other Policies
- 5. Conclusion
What is Dropshipping?
Before we get into Privacy Policies in any detail, though, let's be clear on what dropshipping actually is.
Dropshipping is a type of ecommerce. It allows you to sell goods to customers without storing your own inventory, so there's no need to fulfill your own orders. Instead, you simply ask a third-party company to ship the products straight to the consumer.
A dropshipping transaction basically looks like this:
- A customer places an order with you
- You pass the sales order to a third-party supplier
- The supplier provides the stock and ships it directly to your customers
It's quick to get started, and you don't need to worry about running your own warehouse or handling delivery logistics.
Yes, for two main reasons.
Next, if you use a third party platform, it's almost always stated somewhere in the terms of the service that you must set out how you use your customer's information.
- The rights people have over their personal data
- What type of personal information you collect
- Why you need this information
- How you process this information
- Who you share the information with
- How customers can contact you for further information or to opt out of data collection
Let's take a look at these and some other important clauses.
Here's an example from dropshipping store, Dog Pawty:
Next, set out the relevant jurisdiction. All this means is explaining which country's laws apply if a dispute arises between you and a customer, so you only need a few lines for this clause.
While this is a long clause, it should be noted that most clauses that cover this information are much shorter. For example, the highlighted sentence in the screenshot could be its own full clause and titled "Governing Law."
Consumer Privacy Rights
For example, if the EU's General Data Protection Regulation (GDPR) applies, people have the right to delete, amend, or access their personal data at any time.
Dog Pawty sets these rights out using clear, succinct language:
Levi's has a good example for this:
Personal Data Collected
You should tell people that you're collecting personal data at all, and what type of data you collect. This will include, for example, their name, delivery address, and payment information. However, it also means device information such as someone's IP address and browser data, so be sure to disclose this in the clause:
Here's an example of a good clause from dropshipping store Mini Smart World:
How You Collect Personal Data
It's not enough to state that you collect personal information. You must also disclose how you collect it, too.
You can, however, make this clause broader to cover as many scenarios as possible.
Purpose of Data Collection
You need a valid reason to collect someone's personal information. For example, if the GDPR applies, then you can't collect personal data unless it's for one of the purposes set out in the Act. However, no matter which law applies, you still need to set out the purpose of collecting personal data.
Let's return to Meowingtons. Again, the company uses clear, accessible language and short sentences to set out why it collects personal data from customers:
You don't need an overly complicated clause here. Just provide enough information to justify why you're collecting personal data, and how you use it.
Here's another example of a short but sufficient clause from Mini Smart World:
Third Party Sharing and Tracking
Again, there's no need for a lengthy clause here. It's all about explaining things in a clear, succinct way so that the average consumer can understand what's happening to their personal data.
Here's an example from Warmly Decor. The company shares personal data with third parties to complete customer orders, and it runs data through Google Analytics to improve the user experience. You'll note that Warmly Decor explains how users can opt out of analytics, which is a great practice:
You should also specify if you use customer data for targeted advertising of any kind and, again, explain how users can opt out of this. Here's how Warmly Decor phrases such a clause:
Links to Other Policies
Here's an example from Macy's that links to the full Notice of Privacy Practices agreement, as well as to more information about its credit card services, which is a huge branch of the company:
Privacy Law Compliance
For example, if the EU's GDPR applies to you, then you'll need a clause setting out your lawful basis for processing personal data. Or, if the CCPA (CPRA) applies, you must inform consumers they have the right to opt out of data collection. We've touched on these extra clauses above, but just be sure you know when and how to use them.
Get legal advice if you're in any doubt as to which privacy laws apply to you or how to comply with them.
Ensure it's visible on both the desktop and mobile versions of your website.
Points of Data Collection
- When someone opens an account
- Before a customer completes a purchase
- When someone signs up to receive marketing or other communications from you
- Within other linked policies
Within Other Policies
Ideally, place the link near the start of your other policy so customers can find it easily.
- The website footer
- At the point of data collection (signing up for emails, completing an order, etc.)
- Within other policies
- Business contact details
- Applicable laws
- Consumer rights over personal data
- Type of data collected
- Purpose of data collection
- Data sharing purposes
- How you collect data
- Third party tracking and sharing practices
It's a good idea to link through to your other policies, too.
Remember to always check any applicable laws to see what other additional clauses you may need.