Where to Add Privacy Policies on Websites/Apps

Last updated on 29 August 2019 by Wanda Waterman
Where to Add Privacy Policies on Websites/Apps

If you own a website or mobile application, you'll need a Privacy Policy to comply with legal regulations and protect you and your organization from liability.

Making a Privacy Policy visible on your website is fundamental to ensuring visitors to your website are made aware of how their personal data will be used.

In this article, we'll show you examples of where you can add a Privacy Policy on your site or mobile app.


Do I need a Privacy Policy?

A lot of international privacy laws require a Privacy Policy if you collect or use personal information from individuals.

Personal information is anything that can be used to identify someone, such as a name, email address, mailing address and even an IP address.

If your business is based in the United States and interacts with residents of California, you will need a Privacy Policy to comply with the California Online Privacy Protection Act (CalOPPA).

Outside of the United States, there are numerous countries and territories requiring a Privacy Policy, including:

European Union (EU) - the General Data Protection Regulation (GDPR) covers the protection of personal data in the EU.

Canada - the Personal Information Protection and Electronic Documents Act (PIPEDA) outlines the rights of Canadian citizens.

Australia - the Privacy Act of 1988 protects the personal data of Australian citizens.

Aside from the legal responsibilities, it is simply good practice for transparency to display a Privacy Policy prominently on your website or mobile application. Your users are trusting you to use their data responsibly, and a clear Privacy Policy will demonstrate this.

Where should I display my Privacy Policy on my website?

Where should I place the Privacy Policy on my website?

You have a number of options for where to display your Privacy Policy on your website.

Let's take a look at some examples.

Perhaps the most common location to place a link to a Privacy Policy is in the footer of a website.

British-based health food retailer Grape Tree displays its Privacy Policy in the Useful Links section in the footer of its website:

Grape Tree Privacy Policy link in footer - highlighted

The Privacy Policy is grouped with similar items such as Contact Us and Terms and Conditions. This ensures the policy is visible for any visitors who wish to see how their personal data will be used by Grape Tree.

Similarly, the BBC also displays its Privacy Policy in the footer of its website:

BBC Privacy Policy link in footer - highlighted

As with Grape Tree, the Privacy Policy can be found next to items such as the Terms of Use and Cookies.

Even a footer menu with a large number of links, such as Facebook's, is a good location for a Privacy Policy:

Facebook Privacy Policy link in footer - highlighted

Regardless of the size of your website or the number of links within your footer menu, it is a very useful location to place a link to your Privacy Policy.

Think about it this way: if you were browsing and wanted to look up a Privacy Policy on a website you were visiting, where is the first place you would look? It's quite likely you would scroll straight to the bottom of the page and take a look at the footer menu.

Side Menu

The footer isn't the only place to put a link to your Privacy Policy.

Since scrolling down to the bottom of a Twitter timeline isn't practical for users, the Privacy Policy is instead provided in a box on the right-hand side of the screen:

Twitter side menu Privacy Policy link - highlighted

Twitter groups the Privacy Policy with similar items to ensure users have easy access to related policies.

Signup Forms

It is important to include a link to your Privacy Policy if you offer users the opportunity to sign up for a mailing list, an account, or a similar service.

UK-based consumer rights website MoneySavingExpert has a free email it sends each week to its subscribers. On the website signup page, the Privacy Policy is provided underneath the space for visitors to enter their email address:

MoneySavingExpert.com email newsletter sign-up form with Privacy Policy link highlighted

Similarly, POLITICO offers a number of newsletters covering a wide array of political topics. On the user signup form, new subscribers are informed that they are expressly confirming acceptance of their Privacy Policy by clicking "Register":

POLITICO EU Register form: By clicking register button Privacy Policy is accepted

Coupon provider Groupon also provides a link to its privacy statement within its signup form:

Groupon email sign-up form with Privacy Statement link highlighted

Where should I display my Privacy Policy on my app?

Where should I place the Privacy Policy on my app?

It isn't just your website which requires a Privacy Policy. If you have a mobile application, there are rules set out by Apple, Android and other app store services which state you must have a Privacy Policy if you provide an app on their platforms.

Not only will you need to include details of the Privacy Policy within the app itself, but you will also need to provide it in your app store listing.

App Store Listings

Apple's App Store Review Guidelines emphasize that iOS app providers must take care when handling personal data.

The guidelines state:

  • Apps must include a link to their Privacy Policy on the App Store listing
  • Apps must include a link to their Privacy Policy within the app itself
  • Apps that collect user or usage data must secure consent for the collection

As an example, a user trying to download the Microsoft Outlook app on iOS has the opportunity to review the Privacy Policy before downloading the app:

Microsoft Outlook iOS app store listing with Privacy Policy link highlighted

Clicking on the Privacy Policy link takes a user to Microsoft's website and an online copy of the privacy statement.

Google's Developer Distribution Agreement advises that user data must be handled with care and requires that developers:

  • Protect the privacy and legal rights of users
  • Make users aware that personal information will be available to your app
  • Provide legally adequate privacy notice and protection for users

A legally adequate privacy notice is the same as a Privacy Policy. If your app is listed on the Google Play store and collects any personal information about its users, you will need a Privacy Policy.

In-App Examples

Let's take a look at a few examples of where you can display your Privacy Policy within your mobile app.

Dark Sky is a hyperlocal weather forecasting service available on iOS and Android. For the app to work as designed, it collects data about the user's location and contact details for local weather reports.

On the home screen of the app, the user can access the Settings screen by selecting the cog in the top right hand corner:

Dark Sky mobile app: Settings menu icon  highlighted

On the Settings screen, the Privacy section gives the user a couple of options. Firstly, the user has the option to enable or disable Analytics, which anonymously tracks how the user interacts with the app. Secondly, the Privacy Policy is clearly available to be viewed:

Dark Sky mobile app: Settings menu with Privacy Policy link highlighted

Clicking on the Privacy Policy link takes the user to the Dark Sky website, where they can view the policy in full.

The peer-to-peer ridesharing app Uber also utilizes personal data in a number of ways. The Privacy Policy is accessed through the Legal menu in the homepage of the app:

Uber mobile app with Legal menu link highlighted

From the Legal menu, the user can access a number of policies, including the Privacy Policy:

Uber mobile app Legal menu with Privacy Policy link highlighted

When a user clicks this link, the Privacy Policy opens within the app.

Glympse is a mobile app which provides real-time location sharing services. It collects personal data and location details in order to improve its products.

The users of Glympse need to be aware of how sharing sensitive information like their location will be used and stored. When the app is opened for the first time, the user is greeted with the User Data Retention Policy and a separate link to the Privacy Policy:

Glympse mobile app: User Data Retention Policy with I Agree button

Users have to agree to the policy in order to advance and use the features of the app. Displaying the Privacy Policy and seeking explicit consent is a very good idea if your app is using identifiable personal data.

Finally, WhatsApp is a text, voice and photo messaging app used around the world. The app is highly focused on protection of personal data and privacy, using end-to-end encryption as a security measure to stop messages being intercepted.

WhatsApp users can access the Privacy Policy by accessing the Help section on the Settings menu:

WhatsApp mobile app: Settings menu screenshot

Users can then access the Privacy Policy by selecting the link on the next page:

WhatsApp mobile app: Help menu with Terms and Privacy Policy link highlighted

The Privacy Policy is hosted on the WhatsApp website, which users are taken to when they select the link within the app.

There are a number of options for displaying your Privacy Policy within your mobile app. The most important thing is to ensure that it is clearly labeled and easily accessible. Making it easy for users to see how their data is being used will help you comply with legislation and app store requirements.

Summary

As we've seen in this article, there are a number of options for placing your Privacy Policy on your website or within your mobile app.

On your website, make sure the link to your policy is easily visible throughout your site. Placing the link in a footer menu is one of the easiest ways to do this, as your footer will be present on every page on your site.

You should also include a link to your policy in sign-up or registration forms at the time when you're asking users to provide you with personal information.

For mobile apps, you need to ensure you include the Privacy Policy both in your app store listing and within the app itself. Ensure your policy is easy to navigate to from within your app menus.

Article categories
Wanda Waterman

Legal writer.