The privacy policy is one of the least valued parts of the WordPress site, although almost every visitor clicks a button to agree to it. Because of this, having a reliable privacy policy is one of the most important things you can do for your website. From providing legal protection (national and international) to being a factor in search engine optimization rankings, your WordPress privacy policy should be first-class, clear and up-to-date. We have tools and resources to help you do this, as well as tips and suggestions on what should be included in WordPress’s privacy policy.
- What is the privacy policy?
- How to create a Privacy Policy using WordPress
- What should the privacy policy include?
- How to deal with user data?
- How to create a custom privacy policy
- How to add a new WordPress privacy policy
- Summary
What is the privacy policy?
The privacy policy tells users what you do with their data. You must disclose any information you collect to website visitors. (whether it’s an email address, name, location, or whatever) then you have to tell them what you plan to do with the information. Even an innocuous act of kindness such as sending a birthday discount via email. The EU’s General data Protection Regulation (GDPR) even stipulates that, for whatever reason, visitors must choose to agree (and more) before collecting any data.
Privacy policy is 100% necessary if you use Google Analytics, Facebook Like buttons, advertisements on websites, or other standard practices for 95% of websites.
Even if they don’t read (most people can’t read), your visitors and you are still bound by it. No privacy policy will bring you legal disputes. This includes a fine of thousands of dollars. From 2020, legislation called the California Consumer Privacy Act (CCPA) is stricter in terms of requirements and penalties than GDPR, so if you haven’t sorted out your laws for a long time, tightening your laws should be your top priority.
Ideally, you can ask a lawyer to help you draft your privacy policy. However, this is not realistic for the vast majority of website owners. In view of this, many online service organizations emerge as the times require. However, not all services are the same. Don’t trust any generator found in Google search. We would like to introduce you to what you should pay attention to in your privacy policy. In this way, you will know that no matter where you get the privacy policy, it will provide you with protection.
How to create a Privacy Policy using WordPress
Fortunately, WordPress developers see the impact of no privacy policy on site owners. The current version of WordPress includes a Privacy item under Settings in the Administrative Control Panel. We will guide you in creating your own privacy policy in the background of WordPress.
After entering the “Settings” (1)-“Privacy” (2) area, you may receive information similar to (3) above, even if there is a privacy policy on your website. This is because the privacy policy option is blank (4). Never mind. If you’ve never used this feature before, it has no reason to know that you have a privacy policy. However, if you don’t, WordPress will create one for you by pressing the create (5) button.
The banner (6) at the top of the article is an overview of the content of the post itself. You can click it to read it in detail, or you can scroll through the pre-generated text directly to ensure that this is the actual operation of your site. In most cases, WordPress’s privacy policy is similar because most websites use data in a similar way. If you need a quick and easy privacy policy, just browse the blocks in the post, remove the suggestion text (7) tag, and then press publish (8). Doing so will create a completely new post on the site with the URL / privacy-policy (determined by the title of the page you created).
Once WordPress has created your template privacy policy, you may need to review the information again and make sure that you include any specific policies for your site that may not be included in the automatic privacy policy.
What should the privacy policy include?
These points may or may not be all that need to be considered in the formulation of a comprehensive privacy policy. Think of them as the basic content that the file should contain. (you can also read the key terms and conditions if you like.)
- How to collect information
- How to deal with the collected information
- What cookie, pixels, and other trackers are used on your website and their purpose
- Any advertising network and its method / purpose of collecting data and sending advertisements
- How do your users choose to accept or reject your collection and storage of their data
- How users request deletion and / or transfer of their data to them
- Contact information of the webmaster
These are the standard issues that make up most privacy policies. Ideally, visitors will take a look at your policy and then decide whether they are willing to use your service. More realistically, it provides legal protection for you, because most people click yes without looking at it. If someone questions how you use their information or data, you will have a document indicating that they have chosen to use it.
A large part of these disclosures relate to Cookie. Cookies is a file on your computer that contains personal settings for a particular website. The word itself is said to come from “magic cookies”, a tag used by the UNIX-based operating system (OS). In any case, the site will use cookies to track your actions on the site. For example, Cookie allows you to stay logged in when you leave the site (although there are some restrictions). According to the EU’s Cookie Law and ePrivacy Law, the website needs to inform visitors of the use of cookie and provide the option to disable cookie.
How to deal with user data?
The real point is that how to deal with data is as important as collecting it. Why? Data is big business. It’s a real business. Billions of dollars flow into the data industry every year. Many, many people’s websites sell or share their user data. Other sites use the collected data more ethically to personalize content, advertising and other similar applications.
No matter how your WordPress website uses this data, your privacy policy must disclose the data. While some users may agree to share personal data, they may not be satisfied with your decision on how to use the data and decide not to join. Or ask you to delete their data from the collection afterwards.
One of the uses for using user data is us. If your Elegant Themes annual subscription is about to expire, we will send you an email reminder. In this case, we use your personal information to provide updates. We have the date, name and email address of your membership. We use this information to provide you with personalized services.
In any case, if you are not satisfied with the way the site uses your information, GDPR provides for the “right to be forgotten”. This means that if you require the website to delete your information, the website must be deleted in accordance with the law.
How to create a custom privacy policy
If you are a large company dealing with sensitive data, developing a unique privacy policy is your best choice. As we mentioned above, hiring a lawyer is a good choice. After all, this is a legal document that is binding on you and your business. However, this is not realistic for most website owners.
That’s why services have emerged over the years to generate templated (but customizable) privacy policies for your site. We will introduce several of these services so that you can know and let your visitors know that their privacy policy is correct.
1. Termageddon
Termageddon, which knows how ridiculous its name is and has put a lot of effort into it, is a top-notch service that automatically generates updated privacy policies. As soon as new laws affecting privacy data are passed, Termageddon will update your embedded policies to reflect them. Therefore, when CCPA takes effect, Termageddon only updates GDPR regulations. Setup is very simple, just answer questions about your business or website. Then paste the embedded code into the page. You can overwrite any updates or changes, or you can edit the policy manually. If you need to deal with a lot of user data, then $10 a month is worth it.
In addition, Termageddon can not only handle WordPress sites, but also set privacy policies for Shopify stores, Facebook apps, mobile apps, and so on. Therefore, if your site uses external integration, Termageddon will provide you with full support.
Price: $10 per month / $99 per year
2. TermsFeed
TermsFeed allows you to generate basic privacy policies in minutes. You can easily customize these policies using the information on your website. Each time you want to create a new policy, the service guides you through a questionnaire to help you determine the terms you need. At the end of the process, you will receive the new policy via email. It’s a fast process. In this way, you can paste it into your website and provide services to visitors immediately. The platform can also automatically update policies according to legal changes.
In addition, if you want to get more personalized services, you can download various templates such as terms of service, edit and fill in them yourself. Like Termageddon mentioned above, TermsFeed is not only applicable to WordPress sites, but their privacy policies can also be integrated into iOS applications, SaaS platforms, and desktop applications that require local permission to run on the client’s machine.
Price: offer free and paid plan
3. FireBase
Although FireBase is mainly designed for mobile applications, it is also an excellent privacy generator. Especially when you need specific services that are fast, simple, and customizable (to some extent). It is easy to implement and set up. Its privacy policy is simple, but that doesn’t mean it’s useless or even bad. The generated policies show how you use cookie and how to use various services. We like these policies because they are written in a more easy-to-understand language that users can understand. They may not understand the more complex legal provisions in other generators. If you want a fast, simple, and easy-to-understand privacy policy generator, that’s what you need.
One of the highlights for FireBase users is the ability to determine which type of application you want to make a privacy policy for. Many WordPress plug-ins run based on the same pattern, which means that free plug-ins can adjust their generated privacy policies according to their own needs. Free apps are also available. Although it generates a general policy, this simplicity allows you to adapt to the needs of your own website or product.
Price: free of charge
How to add a new WordPress privacy policy
If you are using any of these generators instead of the built-in generators, you need to put them on your Web site. Otherwise, it won’t do you any good. But it’s very easy. First, go to page (1)-create a new page (2), and then put the new WordPress page (not a post)! ) named Privacy or Privacy Policy (3).
Then simply paste the WordPress Privacy Policy text or embedded code. In this example, we use the generator to generate WordPress’s privacy policy and paste it into the classic block in the WP block editor. If we had pressed the CTRL/CMD-V key, we could have easily created a custom HTML block, or even just a series of normal text blocks.
After pressing the publish button, you only need to do one more step (this applies to all versions of the privacy policy): make the page accessible to your users. It’s always a good idea to add a link to a new page in the about us section, but it’s best to put it in the leading navigation menu (and footer menu). Adding a new WordPress menu item is very simple, just go to the appearance (1)-menu (2) and find the menu you want to edit. Then select the Privacy Policy page you just created (3), set it as a child of the relevant menu option (4), and then click Save menu (5).
Let’s repeat the last part: click the Save menu when you are finished. The lack of this step is one of the most easily forgotten parts of WordPress. Menus are not automatically saved in WP. The last thing you want to do is spend a lot of time and energy making sure that you have added the best privacy policy to your site. But can’t access it. To make matters worse, you think you did it, but it took you a long time to find out it wasn’t.
When you have done all this work, the privacy policy of your WordPress site should take effect so that users can see it and effectively protect you and your users.
Summary
Keeping the latest WordPress privacy policy doesn’t mean you have to write a legal document every once in a while. Thanks to WordPress developers and other platforms, as well as services such as Termageddon, you can prepare these important files in a short time. Having a positive privacy policy shows users that you attach great importance to protecting their data. Specifying how you use their data will reassure visitors and protect you legally and morally.