Internet Privacy Policy

What information should I provide when setting up an internet privacy policy for my website?

When putting together a privacy policy for your website you should take the following things into account:

  • You must make sure it is easy to find on your website

  • You must make sure that it is easy to read

You must make sure that it comprehensively explains all the details of your online information practices

This will then enable all online visitors to your website to make informed decisions concerning the collection and use of their information.


A privacy policy on your website is a promise to all users of your website that you will use their information in a certain way and accordingly protect their privacy which will in turn promote trust and confidence in your website.

Therefore, it is not enough to simply post a notice the provisions contained therein must be fully implemented as part of a wider privacy policy within your business.

Consequently you must put careful consideration into the creation of your policy to ensure that it accurately reflects the information practices which may be unique to your business ensuring that you can guarantee a faithful adherence to it provisions.

Standard Provisions

As all privacy policies may differ depending upon the nature of the website then the following provisions can only be relied on as standard provisions. They will however, apply to most business which use personal information for the standard purposes contained below. If you feel that your business uses personal information in a way which separates it from other business it may be wise to seek the advice of a solicitor when putting together the policy.

Accordingly the provisions which deal with the following issues should be contained within all standard website privacy policies:

  • Commitment to privacy

  • What information is collected

  • How the information is used

  • Data Protection provisions

  • Access to the information

Commitment to Privacy

The first section of your privacy policy should detail to your customer or website visitor that their privacy is important to you and you are committed to protecting it.

This section should detail the fact that you have provided this notice which explains all your online practices in order for the customer to make a choice about the way their information is collected and used.

In order to fully show your commitment to the privacy of your customers you should make the notice easy to find. If it is located on the homepage of your website then those customers wishing to find it will be able to do so immediately.

Information which is collected

The first thing to note is that you must say that this notice applies to all information collected or submitted on this company’s website. If you have other companies it is advisable that you produce a privacy policy for each. If for example your website enables customers to order products, make requests, register or receive materials you must state the types of information that will be collected. This is usually along the lines of the following:

  • Name

  • Address

  • Email Address

  • Telephone Number

  • Credit or Debit Card Information

In your privacy policy you must state that you are collecting the above information if you are.

Certain websites where you order products you can order gifts for another person. If your website is one of such websites and you collect information about a third party you must also make the customer aware of this through the website privacy policy. This information will usually be limited to the following:

  • Name

  • Address

  • Telephone Number

How the Information is used

This is an extremely important provision for a privacy policy as many customers will be wary of providing personal information over the internet. You must therefore state the exact uses of the information in your privacy policy.

If your website it using the information obtained in relation to the customer placing the order it is usual to state that the information will only be used as is necessary to fully complete that order. This means that the information will only be passed to third parties in order to ensure the order is completed.

If you collect email address from your customer you should state that the only purpose for which you have that email address is to answer any email which you may receive. You must ensure that you state that the email address is not used for any other purpose and will not be passed on to any other third parties.

If you wish to use the information for any other ways than those provided in your privacy policy you must provide the customer with the opportunity to opt out of any of these other uses.

Data Protection Provisions

If you collect and process personal information online you must adhere to the provisions of the Data Protection Act 1998. Accordingly you must register your company with the Information Commissioner specifying the ways which you will use the information.

You must therefore make your customers aware that you company adheres to the Data Protection Act in this manner by stating so in your company privacy policy.

Access to the Information

You must state how an individual can gain access to the information which you have collected about them through your website. You must do this by providing the full address of the company in the privacy policy.

You must also state that a customer can correct any factual errors made in relation to their personally identifiable information by sending a request that credibly shows the error. It would then be prudent to qualify this by stating that in order to protect their privacy you will undertake reasonable steps in order to verify that person’s identity before granting access or making corrections. 

You should also provide details on how a customer may contact you if they have any questions or concerns about the privacy policy. In this respect you should provide a telephone number and an email address.