Privacy Policy for Squarespace

Privacy Policy for Squarespace

If you plan on building a website using Squarespace, then you must draft a Privacy Policy to display on your site. If you already have a Privacy Policy, you still need to check that it complies with guidelines set out by Squarespace.

This requirement isn't unique to Squarespace. Other website builders have similar requirements, so there's no way around it if you want to build a website and make it publicly accessible.

So, why do you need a Privacy Policy at all? And how can you make one that's compliant with the laws and with Squarespace? We'll help you with all of that.

Personal Data and Privacy Laws

Privacy Policies are all about personal data protection. The moment a visitor lands on your website, international privacy laws regarding personal data collection come into play. The four most important pieces of legislation you should be aware of are:

  • General Data Protection Regulation (GDPR)
  • Personal Information and Electronic Documents Act (PIPEDA)
  • California Consumer Privacy Act (CCPA)
  • Australian Privacy Act (APA)

These laws all set out the various rights that individuals have over who can access, store, view, and handle their personal data. They also place numerous obligations on you, the business owner, to ensure that you treat a user's personal data responsibly.

In other words, it doesn't matter how much personal data you intend to collect. You must still abide by international privacy laws. What, though, is "personal data?"

Personal data is any information that can be used to identify a person or household, be it their name, email address, employment details, bio data, etc. The list is non-exhaustive, but the definition is set out best in Art 4 of the GDPR.

Since most businesses capture at least some of this data on their website visitors, it's likely that you need a Privacy Policy.

Don't be daunted by the whole idea of writing a Privacy Policy and uploading it to Squarespace. It's much easier than it sounds, and we'll briefly summarize the essentials for you.

Before we summarize what's in a Privacy Policy and how to add it to Squarespace, let's look at how Squarespace works, and what the company specifically says about Privacy Policies.

What is Squarespace, and How Does it Work?

What is Squarespace, and How Does it Work?

Squarespace is a platform that helps you build and run a professional-looking website or ecommerce store without knowing the ins and outs of HTML or coding. Essentially, it works by giving you some creative flexibility to set up a website that looks impressive without spending hours learning the art of web design.

For most business owners, platforms like Squarespace are ideal. All you need to do is:

  • Pick a website template
  • Set up a domain name
  • Build your website using the Squarespace platform
  • Publish it whenever you're ready

It's easy to get started, and you can even use Squarespace's suite of marketing tools to promote your site to a larger audience. The platform has a dedicated help and support area, and you can read through this section as you build your website.

So, what does Squarespace have to say about privacy?

Squarespace and Privacy Policies

Squarespace sets out its rules about Privacy Policies for creators in its Terms of Service. You'll find the position on Privacy Policies in section 7.3 of the Terms of Service. In short, the responsibility is on you to comply with relevant international privacy laws, including those which require you to provide a Privacy Policy:

Squarespace Terms of Service: Comply with Data Protection Laws clause - Privacy Policy requirement

So, you must:

  • Draft a Privacy Policy if you're processing personal data
  • Make this Privacy Policy available to the users visiting your site

Now we're clear on why you need a Privacy Policy if you use Squarespace, let's briefly sum up what's in a legally-compliant Privacy Policy before moving on to how you load this document onto Squarespace.

The Basics of a Privacy Policy

The Basics of a Privacy Policy

The good news is that you don't need an overly complex or long Privacy Policy to comply with the law or Squarespace's requirements. If you include these elements in your policy, you'll fulfil the obligations set out in various international privacy laws.

To summarize, a basic Privacy Policy should have clauses explaining:

  • What data you collect (i.e. personal data)
  • Why you collect this data in the first place
  • How you collect the data
  • What you will do with this information
  • Where a user can go to find out more about their privacy rights
  • How the user can opt out of personal data collection

Let's very briefly consider some examples from compliant Privacy Policies to see what these clauses look like.

The Data You Collect

You must tell visitors what kind of information you collect from them, whether it's their name, contact details, or their marketing preferences. Put simply, if you're collecting data that can be used to identify a person, you must declare it.

Here's a good example from ARCH Motorcycle. The company first defines personal data and then set out which kinds of personal data it collects:

ARCH Motorcycle Privacy and Terms: Data we collect about you clause

Be as detailed and transparent here as possible. Using a list format like ARCH does here is very helpful for readability and understandability.

Reason for Data Collection

The general rule is that you should only collect as much personal data as you need to provide goods and services.

Here's an example from another Squarespace website, Pixel Fondue. This clause achieves two things. First, it tells users that the list is non-exhaustive, meaning the company may use personal data for purposes that aren't explicitly set out. Secondly, it provides a clear and concise list of reasons why the data is collected:

Pixel Fondue Privacy Policy: Our Use of Your Information clause excerpt

Data Collection Method

You should set out two things: How you collect personal data, and when you collect it. You can obtain information directly, such as when the user fills in a form or gives you their data. You can also collect it indirectly, for example when you use cookies to track browser behavior.

ARCH Motorcycle sets out this distinction in its Privacy Policy. It makes clear comparisons between both forms of data collection, and gives brief but informative examples of what the terms mean:

ARCH Motorcycle Privacy and Terms: How is your personal data collected clause

While you don't need to list every single specific method, you do need to be as detailed as possible here and at least mention direct and indirect/automated methods for collecting personal data.

Use of Data

You can't just collect personal data for no reason. There must be a clear purpose and a justified reason. A good rule to remember is that if you can't explain why you need the data, you shouldn't collect it.

You don't need to list all the ways that you use data, but you should be able to make justifications.

Under the Ficus> has a great clause for this. It's short and succinct, and it makes direct links between the information gathered and how it's used:

Under the Ficus Privacy Policy: What do we do with your information clause

The bottom line is that if someone asks you why you need a specific piece of data, you must be able to answer them.

Contact Details

It's important that you make it easy for users to contact you for more information. It's also best if you leave a few contact options, for example an email address and a physical address or telephone number.

Users have a right to ask you about your Privacy Policy and find out more about their general privacy rights.

Here's an example from Pixel Fondue's Privacy Policy:

Pixel Fondue Privacy Policy: Contacting Us clause

Opt-Out Information

Every user can refuse consent to marketing activity, such as signing up for newsletters. This is also known as "opting out" of unnecessary data sharing. Your Privacy Policy must make this clear and explain how people can opt-out of marketing and other unnecessary data collection.

Oscar the Grouch, a Squarespace website, makes this clear. It points out that there are very few site functions that require users to submit personal information. The user is free to opt-out of sharing this information, if they wish:

Oscar the Grouch Privacy Policy: Free to choose to submit personal information section

Under the Ficus also has a good clause for this. In just a few lines, it explains the procedures for obtaining consent to marketing, how users can opt-out, and even how users can withdraw consent previously given:

Under the Ficus Privacy Policy: Consent clause

Squarespace and Third Party Information

Since your site is operating on Squarespace's platform, you'll need to mention in your Privacy Policy that Squarespace may collect information through your site. Including a clause about Squarespace will help your users know that there information may be used by someone else but you.

Here's how Under the Ficus does this in a clause about payment processors and third party services:

Under the Ficus Privacy Policy: Third party services and payment processors Squarespace clause

Note that it links to Squarespace's Terms of Service and Privacy Statement as well for readers who want to learn more about Squarespace's privacy practices.

Squarespace has analytics tools, which will collect legally-protected personal information. Include a clause that lets users know that you use Squarespace analytics, like Pixel Fondue does here:

Pixel Fondue Privacy and Terms: Analytics Information Squarespace clause

Oscar the Grouch includes a short but succinct clause that lets users know that Squarespace provides certain services and may be given access to personal information, but only as described in the rest of the Privacy Policy:

Oscar the Grouch Privacy Policy: Squarespace and Other Service Providers clause

Squarespace is mentioned elsewhere too, in the Information Collected Automatically clause, since Squarespace analytics tools will automatically be collecting data:

Oscar the Grouch Privacy Policy: Information collected automatically - Squarespace analytics clause

You can make mention of Squarespace wherever it makes sense to in your Privacy Policy, but some good areas would be:

  • Information collected automatically clause
  • Third party service providers clause
  • Its own Squarespace clause

How to Create a Privacy Policy for Your Website

Need a Privacy Policy? Our Privacy Policy Generator will help you create a custom policy that you can use on your website and mobile app. Just follow these few easy steps:

  1. Click on "Start creating your Privacy Policy" on our website.
  2. Select the platforms where your Privacy Policy will be used and go to the next step.
  3. Privacy Policy Generator - Select platforms - Step 1

  4. Add information about your business: your website and/or app.
  5. Privacy Policy Generator - Add your business info - Step 2

  6. Select the country:
  7. Privacy Policy Generator - Add your business info - Step 2

  8. Answer the questions from our wizard relating to what type of information you collect from your users.
  9. Privacy Policy Generator - Answer questions from our wizard - Step 3

  10. Enter your email address where you'd like your Privacy Policy sent and click "Generate". Privacy Policy Generator - Enter your email address - Step 4

    And you're done! Now you can copy or link to your hosted Privacy Policy.

So, now you know how to draft a basic Privacy Policy for Squarespace. How do you actually create the page and post it online? Let's take a look.

Creating a Squarespace Privacy Policy Page

Creating a Squarespace Privacy Policy Page

You create a Privacy Policy page on Squarespace the same way you create any other regular Layout Page on the platform. It's really simple, and you can do it in one of two ways:

  • Adding a blank Layout Page and starting from scratch, or
  • Using a pre-built Layout Page design

Layout Pages are the most versatile option and Squarespace recommends using them for "About" pages and other custom pages with a volume of text:

Squarespace Layout Pages summary

For a Privacy Policy, it may be best to start the page from scratch, but you can always include some pre-built sections, too.

To start from scratch with a Blank Page, you'll do the following steps, described in detail below:

  • Start a blank page from the Home Menu
  • Add a suitable title (in this case, it would be Privacy Policy)
  • Add whatever sections you need
  • Finish and save the new page

Open a Blank Page

The first thing you'll see when you sign in is your Home Menu. First, click on the "Pages" option, and then click on the little "+" sign that pops up. This gives you the option to open a blank page:

Squarespace Home Menu with Pages highlighted

Pick a Title

You can pick any title, but in this case, you should call your page "Privacy Policy." Save the page title by pressing "enter." You can follow this same step for any page you create, whether it's an "About" page, a "Terms and Conditions" page, or something else.

Edit the Page

Now comes the fun part! This is where you create your page and turn it into exactly what you want it to be by adding in your Privacy Policy text.

You can customize the page by adding Blocks. Blocks let you add features including text and links to other pages.

Once you add a Block, you can copy and paste over your Privacy Policy from another document and format it however you like. After you've created your Block and added the text, you can simply highlight the text you want to link from and click the little "link" icon.

Now you've created your Privacy Policy page, it's time to save it and finish. All you need to do is:

  • Move your cursor over the "Done" button
  • Click "Save" when it appears

That's it, you're all done! If you opt for a pre-built design rather than building from scratch, the only difference is that you're working on a page with pre-placed Blocks. The other steps are the same.

So, how do you make this Privacy Policy accessible to users? You need to link to it through your footer. Here's what to do.

Publishing Your Privacy Policy for Squarespace

Publishing Your Privacy Policy for Squarespace

The footer is where most people look first to find out key details about your site, whether it's your FAQs, contact information, and so on. This is where you should link to your Privacy Policy.

Squarespace footers are easily customized - it only takes a few simple steps.

To edit the footer, hover your cursor over the footer area. Once the annotation pops up, click "Edit:"

Squarespace backend with Edit Footer Content button highlighted

Add Blocks

Again, all you need to do is add whatever Blocks you need. Pick a Text Block following the same steps as above and add a link to the Privacy Policy. This means the Privacy Policy link will appear at the bottom of every page on your website.


By signing up for a Squarespace account, you agree to draft and publish a legally compliant Privacy Policy for your website if you handle any personal data at all. This Privacy Policy should include clauses on:

  • Data collected
  • Purpose of collection
  • Collection method
  • Use and sharing of data (including with Squarespace)
  • Contact details
  • Opt-out details

Once you've drafted the Privacy Policy, you need to publish it on Squarespace. You do this by creating a Privacy Policy page and linking to the policy through your footer. The Privacy Policy should be viewable across your website, and Squarespace makes this easy to do.