What should I include in my privacy policy?

TOPICS: Privacy, The Basics

Do I need a privacy policy?

As part of responsible business practices, we require that any website that collects visitor information disclose their data practices through an easily accessible privacy policy.

There are a number of ways that visitor information is collected. Some information is volunteered by the visitor, such as submitting personal and payment information as part of a transaction or when submitting information to a “Contact Us!” form. Information can also be collected through background processes, such as for analytics or in connection with targeted advertising platforms.

Not sure if you collect visitor information? Below are just a few possible website functions that involve the exchange of information:

  • Sending targeted and retargeted ads
  • Transactions
  • “Contact Us” forms
  • Website/Visitor Analytics
  • Website optimization
  • Customized user experience
  • Membership/login portals
  • Email subscriptions


What are your privacy policy requirements?

The link to your site’s privacy policy should be clearly visible on all pages where you’re collecting personal information—not just your homepage. A good practice is to provide a link to your privacy policy right below all forms where a visitor is entering their information, as well as in the footer. This will ensure your privacy policy is prominently visible to your visitors.

We require that your privacy policy, at minimum, does the following:

  • Describe what personal information is collected.
  • Describe how this information will be used by the company.
  • Describe how this information will be transferred to third party companies.
  • Describe how you use cookies.
Provide instructions on how users can modify or delete their personal information.
  • Provide instructions on how users can opt out of future communications.
  • Finally, websites that collect sensitive personal information, such as bank details and credit card numbers, must use a secure processing server (https://) when collecting this information.

Need an example privacy policy? Privacy policy content is unique depending on the data practices of the website, but feel free to check out ours! AdRoll’s privacy policy is available in our footer. There are also some services—such as http://www.iubenda.com/—that can help you generate your privacy policy.


How do I explain my partnership with AdRoll?

AdRoll uses anonymous third party cookies to enroll your visitor in your retargeting program. To disclose this partnership in as part of your cookie policy, the language below may work for your site. Keep in mind that this is language is not a replacement for the privacy policy requirements above nor is it legal advice (you should consult with your own legal counsel to ensure your privacy policy reflects your privacy practices), but can be added to your existing privacy policy to further educate your visitor on how their information is used.

As you browse [company website] and other websites, online ad networks we work with may place anonymous cookies on your computer, and use similar technologies, in order to understand your interests based on your (anonymous) online activities, and thus to tailor more relevant ads to you.   If you do not wish to receive such tailored advertising, you can visit this page to opt out of most companies that engage in such advertising.  (This will not prevent you from seeing ads; the ads simply will not be delivered through these targeting methods.)


Special Considerations for the EU

The EU has additional requirements about data collection and use, including the EU Cookie Directive under the EU e-Privacy Directive. We require that customers using our services in EU markets comply with these directives. You can find more information about the EU, cookies, and how to comply here and more information about the EU e-Privacy Directive in general here.

roll with me…