Welcome to Simply-Docs

Website Privacy Policy

TR.WEB.TC.18a

This Website Privacy Policy template is intended for websites that collect personal data about and/or from their users and that use both first and third-party cookies.

Important parts of this policy template address the use of cookies and compliance with the group of laws collectively known as “Cookie Law”. The policy explains what cookies your site uses, what for, and why. Alternatively, if you wish to provide more detailed information on cookies, this document can be altered to refer to a separate Cookie Policy.

This document has been written to assist in compliance with the UK GDPR and the Data Protection Act 2018, providing important information such as details of data subjects' rights, information on the retention of personal data, data subject access requests, and controls and/or consent for cookies and related technologies.

This document has been designed for general application, however please note that you may require specific legal advice if you deal with ‘special category’ (aka ‘sensitive’) personal data, data relating to criminal convictions, or children’s personal data as additional measures may be required.

When setting out the personal data that you collect and how you collect it, both detail and user-friendliness are important. Avoid complicated technical jargon wherever possible. It is also important to note that, where data is sourced from a third party, you specify what type of organisation that third party is (e.g. its industry or sector, and whether it is private or public). It may also be helpful to indicate whether the source is located inside or outside the UK. Provide as much detail here as you can.

Comprehensive details should be included both of the personal data you collect and use, and of the lawful basis or bases that enable you to do so. There are several lawful bases to choose from, as explained on the ICO website, here. Consent, the data being necessary for a contract, or ‘legitimate interests’ are, we suggest, the most likely bases for many businesses; however, it is important to take care when choosing. ‘Consent’ may appear to be the most straightforward, but this is often not the case. Furthermore, if you opt to rely on ‘legitimate interests’, it is important to explain what those interests are in your privacy policy.

Automated decision-making and/or profiling can also be important. The law includes specific restrictions and rights relating to this kind of data processing, but it is important to note that these only apply where the resulting decision has ‘a legal or similarly significant effect’. When carrying out such decision-making or profiling, you should explain it in your privacy policy. The law requires you to provide ‘meaningful information about the logic’ and to explain ‘the significance and envisaged consequences’ of the process. This is not intended to require you to break down the programming logic used in the automated process, however. Rather, you should tell individuals what data you use and why, and what the likely result is going to be and how likely it is to affect them. It is always important to keep your information as clear and easy-to-understand as you can. More information about automated decision-making and profiling is available on the ICO website, here.

How long do you keep personal data? This is an important question that your privacy policy should answer. When dealing with this in your privacy policy, it is important to be as specific as possible. It is also important to keep in mind that some data retention periods may be specified by law, but this will not apply in many cases. Legal advice should always be sought if there is any doubt. Please note that example retention periods are not included in this template.

A further important point to note relates to your data security arrangements. Users should be able to understand what you are doing to keep their personal data safe. When setting out measures such as encryption, ensuring on-going confidentiality, and recovering data in the event of loss, be sure to use user-friendly language.

Finally, it is important to note that the provisions included in this template are broad and will not necessarily apply to all websites. When completing this template, ensure that your policy accurately reflects your actual use of personal data and associated procedures.

Optional phrases / clauses are enclosed in square brackets. These should be read carefully and selected so as to be compatible with one another. Unused options should be removed from the document.

This Website Privacy Policy contains the following clauses:
1. Definitions and Interpretation
2. Information About [Us] OR [Me]
3. What Does This Policy Cover?
4. What Is Personal Data?
5. What Are My Rights?
6. What Data Do You Collect and How?
7. How Do You Use My Personal Data?
8. How Long Will You Keep My Personal Data?
9. How and Where Do You Store or Transfer My Personal Data?
10. Do You Share My Personal Data?
11. How Can I Control My Personal Data?
12. Can I Withhold Information?
13. How Can I Access My Personal Data?
14. How Do You Use Cookies?
15. How Do I Contact You?
16. Changes to this Privacy Policy

This website privacy policy template is in open format. Either enter the requisite details in the highlighted fields or adjust the wording to suit your purposes.

Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.

Simply-4-Business Ltd Registered in England and Wales No. 4868909 Unit 100, Parkway House, Sheen Lane, London SW14 8LS

Top
Simply-Docs uses cookies to ensure that you get the best experience on our website. Learn more