Privacy Policy for Squarespace
If you plan on building a website using Squarespace, then you must draft a Privacy Policy to display on your site. If you already have a Privacy Policy, you still need to check that it complies with guidelines set out by Squarespace.
This requirement isn't unique to Squarespace. Other website builders have similar requirements, so there's no way around it if you want to build a website and make it publicly accessible.
So, why do you need a Privacy Policy at all? And how can you make one that's compliant with the laws and with Squarespace? We'll help you with all of that.
Need a Privacy Policy? Our Privacy Policy Generator will help you create a custom policy that you can use on your website and mobile app. Just follow these few easy steps:
- Click on "Start creating your Privacy Policy" on our website.
- Select the platforms where your Privacy Policy will be used and go to the next step.
- Add information about your business: your website and/or app.
- Select the country:
- Answer the questions from our wizard relating to what type of information you collect from your users.
-
Enter your email address where you'd like your Privacy Policy sent and click "Generate".
And you're done! Now you can copy or link to your hosted Privacy Policy.
- 1. Personal Data and Privacy Laws
- 2. What is Squarespace, and How Does it Work?
- 2.1. Squarespace and Privacy Policies
- 2.2. The Basics of a Privacy Policy
- 2.3. The Data You Collect
- 2.4. Reason for Data Collection
- 2.5. Data Collection Method
- 2.6. Use of Data
- 2.7. Contact Details
- 2.8. Opt-Out Information
- 2.9. Squarespace and Third Party Information
- 3. How to Add a Privacy Policy Page to a Squarespace Website
- 4. Publishing Your Privacy Policy for Squarespace
- 4.1. How to Add a Privacy Policy Link to a Squarespace Website's Footer
- 5. Conclusion
Personal Data and Privacy Laws
Privacy Policies are all about personal data protection. The moment a visitor lands on your website, international privacy laws regarding personal data collection come into play. The four most important pieces of legislation you should be aware of are:
- General Data Protection Regulation (GDPR)
- Personal Information and Electronic Documents Act (PIPEDA)
- California Consumer Privacy Act (CCPA) as amended by the CPRA
- Australian Privacy Act (APA)
These laws all set out the various rights that individuals have over who can access, store, view, and handle their personal data. They also place numerous obligations on you, the business owner, to ensure that you treat a user's personal data responsibly.
In other words, it doesn't matter how much personal data you intend to collect. You must still abide by international privacy laws. What, though, is "personal data?"
Personal data is any information that can be used to identify a person or household, be it their name, email address, employment details, bio data, etc. The list is non-exhaustive, but the definition is set out best in Art 4 of the GDPR.
Since most businesses capture at least some of this data on their website visitors, it's likely that you need a Privacy Policy.
Don't be daunted by the whole idea of writing a Privacy Policy and uploading it to Squarespace. It's much easier than it sounds, and we'll briefly summarize the essentials for you.
Before we summarize what's in a Privacy Policy and how to add it to Squarespace, let's look at how Squarespace works, and what the company specifically says about Privacy Policies.
What is Squarespace, and How Does it Work?
Squarespace is a platform that helps you build and run a professional-looking website or ecommerce store without knowing the ins and outs of HTML or coding. Essentially, it works by giving you some creative flexibility to set up a website that looks impressive without spending hours learning the art of web design.
For most business owners, platforms like Squarespace are ideal. All you need to do is:
- Pick a website template
- Set up a domain name
- Build your website using the Squarespace platform
- Publish it whenever you're ready
It's easy to get started, and you can even use Squarespace's suite of marketing tools to promote your site to a larger audience. The platform has a dedicated help and support area, and you can read through this section as you build your website.
So, what does Squarespace have to say about privacy?
Squarespace and Privacy Policies
Squarespace sets out its rules about Privacy Policies for creators in its Terms of Service. You'll find the position on Privacy Policies in section 7.3 of the Terms of Service. In short, the responsibility is on you to comply with relevant international privacy laws, including those which require you to provide a Privacy Policy:
So, you must:
- Draft a Privacy Policy if you're processing personal data
- Make this Privacy Policy available to the users visiting your site
Now we're clear on why you need a Privacy Policy if you use Squarespace, let's briefly sum up what's in a legally-compliant Privacy Policy before moving on to how you load this document onto Squarespace.
The Basics of a Privacy Policy
The good news is that you don't need an overly complex or long Privacy Policy to comply with the law or Squarespace's requirements. If you include these elements in your policy, you'll fulfil the obligations set out in various international privacy laws.
To summarize, a basic Privacy Policy should have clauses explaining:
- What data you collect (i.e. personal data)
- Why you collect this data in the first place
- How you collect the data
- What you will do with this information
- Where a user can go to find out more about their privacy rights
- How the user can opt out of personal data collection
Let's very briefly consider some examples from compliant Privacy Policies to see what these clauses look like.
The Data You Collect
You must tell visitors what kind of information you collect from them, whether it's their name, contact details, or their marketing preferences. Put simply, if you're collecting data that can be used to identify a person, you must declare it.
Here's a good example from ARCH Motorcycle. The company first defines personal data and then set out which kinds of personal data it collects:
Be as detailed and transparent here as possible. Using a list format like ARCH does here is very helpful for readability and understandability.
Reason for Data Collection
The general rule is that you should only collect as much personal data as you need to provide goods and services.
Here's an example from another Squarespace website, Pixel Fondue. This clause achieves two things. First, it tells users that the list is non-exhaustive, meaning the company may use personal data for purposes that aren't explicitly set out. Secondly, it provides a clear and concise list of reasons why the data is collected:
Data Collection Method
You should set out two things: How you collect personal data, and when you collect it. You can obtain information directly, such as when the user fills in a form or gives you their data. You can also collect it indirectly, for example when you use cookies to track browser behavior.
ARCH Motorcycle sets out this distinction in its Privacy Policy. It makes clear comparisons between both forms of data collection, and gives brief but informative examples of what the terms mean:
While you don't need to list every single specific method, you do need to be as detailed as possible here and at least mention direct and indirect/automated methods for collecting personal data.
Use of Data
You can't just collect personal data for no reason. There must be a clear purpose and a justified reason. A good rule to remember is that if you can't explain why you need the data, you shouldn't collect it.
You don't need to list all the ways that you use data, but you should be able to make justifications.
Under the Ficus has a great clause for this. It's short and succinct, and it makes direct links between the information gathered and how it's used:
The bottom line is that if someone asks you why you need a specific piece of data, you must be able to answer them.
Contact Details
It's important that you make it easy for users to contact you for more information. It's also best if you leave a few contact options, for example an email address and a physical address or telephone number.
Users have a right to ask you about your Privacy Policy and find out more about their general privacy rights.
Here's an example from Pixel Fondue's Privacy Policy:
Opt-Out Information
Every user can refuse consent to marketing activity, such as signing up for newsletters. This is also known as "opting out" of unnecessary data sharing. Your Privacy Policy must make this clear and explain how people can opt-out of marketing and other unnecessary data collection.
Oscar the Grouch, a Squarespace website, makes this clear. It points out that there are very few site functions that require users to submit personal information. The user is free to opt-out of sharing this information, if they wish:
Under the Ficus also has a good clause for this. In just a few lines, it explains the procedures for obtaining consent to marketing, how users can opt-out, and even how users can withdraw consent previously given:
Squarespace and Third Party Information
Since your site is operating on Squarespace's platform, you'll need to mention in your Privacy Policy that Squarespace may collect information through your site. Including a clause about Squarespace will help your users know that there information may be used by someone else but you.
Here's how Under the Ficus does this in a clause about payment processors and third party services:
Note that it links to Squarespace's Terms of Service and Privacy Statement as well for readers who want to learn more about Squarespace's privacy practices.
Squarespace has analytics tools, which will collect legally-protected personal information. Include a clause that lets users know that you use Squarespace analytics, like Pixel Fondue does here:
Oscar the Grouch includes a short but succinct clause that lets users know that Squarespace provides certain services and may be given access to personal information, but only as described in the rest of the Privacy Policy:
Squarespace is mentioned elsewhere too, in the Information Collected Automatically clause, since Squarespace analytics tools will automatically be collecting data:
You can make mention of Squarespace wherever it makes sense to in your Privacy Policy, but some good areas would be:
- Information collected automatically clause
- Third party service providers clause
- Its own Squarespace clause
So, now you know how to draft a basic Privacy Policy for Squarespace. How do you actually create the page and post it online? Let's take a look.
How to Add a Privacy Policy Page to a Squarespace Website
Squarespace makes it easy to add a page where you can display your Privacy Policy on your website.
Here's what you'll need to do to create and add a new page for your Privacy Policy.
- Log in to your Squarespace dashboard and go to Website.
-
On the Website builder page, click on Pages:
-
From the Navigation Menu, click on + icon. This will add a new page:
-
In the Pages menu, click the Blank Page option:
-
In the page name field, type Privacy Policy:
-
Double click on the empty page section will open the page editor. Under Add Page Content, click Add section:
-
When the new window opens, click Add Blank +:
-
In the page area, click on the + icon:
-
The block section will open. Select Code to add on the page:
-
The Code block editor will open. Here is where you will add the text for your Privacy Policy page.
-
In the code block content editor, paste the code for your Privacy Policy:
-
From the Done menu, click on Save to finish and save your changes:
- Your Privacy Policy page is created.
That's it, you're all done! If you opt for a pre-built design rather than building from scratch, the only difference is that you're working on a page with pre-placed Blocks. The other steps are the same.
So, how do you make this Privacy Policy accessible to users? You need to link to it through your footer. Here's what to do.
Publishing Your Privacy Policy for Squarespace
The footer is where most people look first to find out key details about your site, whether it's your FAQs, contact information, and so on. This is where you should link to your Privacy Policy.
Squarespace footers are easily customized - it only takes a few simple steps.
How to Add a Privacy Policy Link to a Squarespace Website's Footer
Linking your Privacy Policy to your Squarespace website's footer is an easy way to boost your legal compliance while helping keep your users informed about your privacy practices.
Here's how you can do it quickly and easily.
-
From the Website builder, scroll down to the Footer section and double click the footer. Click on the Edit Footer option that appears:
-
Click on the + icon in order to add a new block to the footer:
-
Select the Text option (block) in the menu:
-
In the text block, type Privacy Policy. With the text selected, click the link icon:
-
Paste the link to your Privacy Policy in the link field:
-
Go to Done menu, in the upper left corner, and click on Save to finish and save your changes:
Conclusion
By signing up for a Squarespace account, you agree to draft and publish a legally compliant Privacy Policy for your website if you handle any personal data at all. This Privacy Policy should include clauses on:
- Data collected
- Purpose of collection
- Collection method
- Use and sharing of data (including with Squarespace)
- Contact details
- Opt-out details
Once you've drafted the Privacy Policy, you need to publish it on Squarespace. You do this by creating a Privacy Policy page and linking to the policy through your footer. The Privacy Policy should be viewable across your website, and Squarespace makes this easy to do.
