Website Privacy Policy - First Party Cookies 
This template has been updated to reflect changes made by the Data (Use and Access) Act 2025, including new wording on data protection complaints, compatible further use of personal data, reasonable and proportionate searches when responding to subject access requests, automated decision-making and profiling, and cookies and similar technologies.
This Website Privacy Policy - First Party Cookies is designed for websites that collect personal data from users and use first-party cookies. First-party cookies are cookies placed directly by the website operator and used only by that operator.
This template is intended to help website operators explain how personal data is collected, used, stored, transferred, and shared, while also providing information about the use of first-party cookies and similar technologies.
Suitable for websites using first-party cookies
This template is designed for websites that use first-party cookies, but do not use third-party cookies or analytics tools. It provides a practical starting point for explaining website data use, cookie use, user rights, and contact details in a clear and accessible way.
The template may be used as a standalone website privacy policy, or it may be adapted to refer to a separate Cookie Policy where more detailed cookie information is provided.
Key privacy and cookie points this template addresses
- what personal data is collected and how it is obtained;
- how personal data is used and the lawful basis for processing;
- how individuals can raise concerns or complaints about the use of their personal data;
- compatible further use of personal data;
- how long personal data is kept;
- storage, transfers, and data security information;
- sharing personal data with third parties;
- access rights, reasonable and proportionate searches, and other data subject rights;
- the use of first-party cookies and similar technologies;
- cookie consent and strictly necessary cookies; and
- contact details and updates to the policy.
Important scope points
This template is designed for websites that use first-party cookies only. If your website uses third-party cookies, analytics tools, advertising cookies, social media plugins, or similar tracking technologies, a more specific website privacy policy or separate Cookie Policy may be required.
Specific legal advice may be needed if your website handles special category personal data, data relating to criminal convictions, or children’s personal data, as additional measures may be required.
The template also reflects the need to explain data use in clear, user-friendly language, including where personal data comes from, the lawful basis relied on, any automated decision-making or profiling that has legal or similarly significant effects, retention periods, the steps taken to protect personal data, how cookies and similar technologies are used, and how individuals can raise data protection complaints.
This template does not include recognised legitimate interests as a standard lawful basis for ordinary website processing. This is deliberate: recognised legitimate interests are limited to specific purposes under data protection law and should not be treated as a general alternative to ordinary legitimate interests. They should be used with care and professional advice should be taken where there is uncertainty.
Related guidance and alternatives
For help with privacy information requirements, data protection complaints, cookies, and choosing the right template, see the Privacy Information Guidance Notes and Cookie Guidance.
If your website uses analytics tools, third-party cookies, or both, one of the other website privacy policy templates may be more suitable, such as Website Privacy Policy - First Party Cookies + Analytics, Website Privacy Policy - First and Third-Party Cookies, or Website Privacy Policy - First and Third-Party Cookies + Analytics.
Website Privacy Policy - First Party Cookies is part of Business . Just £38.50 + VAT provides unlimited downloads from Business for 1 year.