Jump to Section
arrow down

How to Write a Privacy Policy for Your Small Business

By The Leadpages Team  |  Published Oct 03, 2018  |  Updated Oct 06, 2023
Leadpages Team
By The Leadpages Team
How to write a privacy policy

As a small business owner with a website, you might ask: Do I really need a privacy policy statement for my website?

If you’re starting, managing, or growing any type of business online today, the answer is likely “yes, yes you do."

Jump on it!

While small business ownership is overwhelming with the constant juggle of multiple tasks at once, it’s easy to forget about or completely overlook creating a privacy policy for your lead generation website. Yet with the deluge of new data privacy regulation and subsequent lawsuits, negligence with privacy policy laws is simply a no-no.

Here are some pointers for how small businesses can comply with standards and laws to create a simple privacy policy. This article will answer what this document actually contains, why you need one, and what should be included in a privacy policy for your small business.

Read on if… you want to learn about privacy policies in plain English, without all the headache-inducing legalese. Remember, we’re not lawyers—we're just here to give you some guidance.

What is a Privacy Policy for a website?


A privacy policy is a legal statement that discloses the way a business gathers, uses, discloses, and manages a customer’s data. It also informs users about whether that information is kept confidential, shared with partners, or sold to other businesses.

It fulfills a legal requirement to protect a customers’ privacy, especially in light of recent GDPR legislation, which affects businesses that collect information from any resident residing in the EU. (Here is more info on GDPR.)

So, what does personal information even mean? It’s really anything used to identify an individual, like:

  • A person's name
  • Address
  • IP address
  • Date of birth
  • Relationship status
  • Contact information
  • Financial records and credit information
  • Medical history
  • Browsing history

Why do you need a Privacy Policy?

Having a privacy policy on your website has many benefits. Here are eight of them, according to FreePrivacyPolicy.com:

1. It Builds Customer Trust

When a website user notices your business’ privacy policy, there is a subconscious trust factor that builds in their minds. Many websites display trust seals and easy-to-find privacy policies for this reason. This displays to visitors that your business is transparent and cares about their privacy, thus increasing levels of trust.

2. It Offers Peace of Mind to People

By explaining to users exactly what you’re collecting and how you are going to use their personal information, they will feel more comfortable to browse your website.

3. Fulfill Third-Party Requirements

Using a third-party service to collect data or display ads, still means you’re collecting personal information and the user has a right to be informed. If your website integrates with Google Analytics or Adsense, for example, third parties require a separate policy display on your website.

4. It's the Law

Almost every state and country requires some sort of privacy policy display. If you collect, store, or share personal data of any kind, it’s the law to have a policy on your site, you need a privacy policy… Or else, you might face disciplinary action from the government.

5. Protects Your Business From Getting Sued

If you don’t adhere to legal standards, you risk being sued. Companies like Snapchat and Delta Airlines have even been sued over questionable privacy policies. Stay on the defense and protect yourself from potential lawsuits!

6. Avoids Fines

Hefty fines from the Federal Trade Commission or (the country’s equivalent commission) is another consequence of not displaying an active privacy policy.

7. If You Have a Mobile App, It Protects It From Suspension

Even if you have an app, you are not excused from having a privacy policy. Many app stores require developers to link privacy policies on apps before listing them within the store.

8. Help Boost Your Revenue

If you willingly provide a privacy policy, more users may choose to business with you because they trust you.

What should be included?

Now that you’ve read up on the value of a privacy policy, are you wondering specifically how to write a privacy policy? Include the following elements:

  • Legal business name
  • Business location
  • Contact information
  • What type of information are you collecting from website visitors?
  • How you collect visitor information
  • How you use visitor information
  • How you keep visitor information protected
  • How a user can opt-out of collecting and sharing information
  • Whether or not you sell information to any third party. If you do, in what way will the information be used? (Think email newsletter services, affiliate websites, or advertising networks)

The content of a privacy policy depends upon the applicable laws of your website, including where your website does its business and what type of business it is. States and countries have different legislation and guidelines, so make sure you consult a small business lawyer in your area to get informed of all of your legal requirements.

Where should you put a Privacy Policy on your website?

“There are no legal requirements on where to place your Privacy Policy page, but it’s recommended that the link to the agreement is visible, not hidden, and easily accessible,” notes TermsFeed.com.

Some common places you’ll find a link to a privacy policy are:

  • On a website’s footer
  • As a pop-up
  • Within the top-level navigation of a website


The most common place for a privacy policy is a link in your website’s footer, on each page. This placement makes it accessible to all visitors; no matter what page they’re viewing!

Should you include a Privacy statement anywhere else?

Facebook Ads guidelines stipulate that a privacy policy has to be present on alanding page. We recommend including it within a footer on your landing page as well as your website, especially if your traffic is driving to a lead magnet.

But fear not…

At Leadpages, our landing page builder makes it easy to include a link to your privacy policy, either within the footer or within your pop-up.

Pro tip: Check out our Facebook Ads Generator for templates and tips on creating a high-converting Facebook Ad.

You could also add a link to your privacy policy on social media profiles as well as email newsletters within your “About Us” section of your profiles if you in any way collect, store, and distribute user data on your social accounts.

Privacy Policy examples


Need some more inspiration? Here are a few simple privacy policy examples that will work for your small business’ website. Each of the examples will guide you on how to make a privacy policy for websites.

The Better Business Bureau also offers a sample privacy policy template, which will set you on the right foot (please note, this copy was taken directly from the BBB website):

Privacy Notice

This privacy notice discloses the privacy practices for (website address). This privacy notice applies solely to information collected by this website. It will notify you of the following:

  • What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared.
  • What choices are available to you regarding the use of your data?
  • The security procedures in place to protect the misuse of your information.
  • How you can correct any inaccuracies in the information.

Information Collection, Use, and Sharing

We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or another form of direct contact from you. We will not sell or rent this information to anyone.

We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to ship an order.

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

Your Access to and Control Over Information

You may opt-out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:

  • See what data we have about you (if any).
  • Change/correct any data we have about you.
  • Have us delete any data we have about you.
  • Express any concern you have about our use of your data.


We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.

Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for "https" at the beginning of the address of the Web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

If you feel that we are not abiding by this privacy policy, you should contact us immediately via telephone at XXX YYY-ZZZZ or via email.

The above notice (or policy) probably does not describe your privacy practices exactly. You need to personalize your statement to fit your business practices. The following are some sample clauses that you can use to help describe other specific practices that fit your business model.

Optional Clauses

If your site has a registration page that customers must complete to do business with you, insert a paragraph like this in your privacy notice:


In order to use this website, a user must first complete the registration form. During registration, a user is required to give certain information (such as name and email address). This information is used to contact you about the products/services on our site in which you have expressed interest. At your option, you may also provide demographic information (such as gender or age) about yourself, but it is not required.

If you take and fill orders on your site, insert a paragraph like this in your privacy notice:


We request information from you on our order form. To buy from us, you must provide contact information (like name and shipping address) and financial information (like credit card number, expiration date). This information is used for billing purposes and to fill your orders. If we have trouble processing an order, we'll use this information to contact you.

If you use cookies or other devices that track site visitors, insert a paragraph like this in your privacy notice:


We use "cookies" on this site. A cookie is a piece of data stored on a site visitor's hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site. Usage of a cookie is in no way linked to any personally identifiable information on our site.

If other organizations use cookies or other devices that track site visitors to your site, insert a paragraph like this in your privacy notice:

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies.

If you share information collected on your site with other parties, insert one or more of these paragraphs in your privacy notice:


We share aggregated demographic information with our partners and advertisers. This is not linked to any personal information that can identify any individual person.


We use an outside shipping company to ship orders, and a credit card processing company to bill users for goods and services. These companies do not retain, share, store or use personally identifiable information for any secondary purposes beyond filling your order.


We partner with another party to provide specific services. When the user signs up for these services, we will share names or other contact information that is necessary for the third party to provide these services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.

If your site has links to other sites, you might insert a paragraph like this in your privacy notice:


This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.

If you ever collect data through surveys or contests on your site, you might insert a paragraph like this in your privacy notice:

Surveys & Contests

From time-to-time, our site requests information via surveys or contests. Participation in these surveys or contests is completely voluntary and you may choose whether or not to participate and therefore disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of this site.

There are also privacy policy generators, like this one available at PrivacyPolicyTemplate.net.

Have you checked all the boxes?

As you have learned, privacy is a hot-button issue that shouldn’t be taken lightly by any company — big or small. Treat others as you would want to be treated and be fully transparent about the collection, storage, and use of your users’ data. While a little more work to create a unique privacy policy, it will make you more trustworthy as a company at the end of the day.

And, don’t forget… Leadpages has your back. With our 100+ flexible landing page templates and we have the best-in-class drag-and-drop landing page builder. Customize your online presence any way you like with our help. Sign up for a free trial now!

Disclaimer: Leadpages is not a replacement for legal advice. We encourage all small business owners to consult with a qualified attorney. You should not rely on this information as legal advice, nor as a recommendation or endorsement of any particular legal understanding, and you should instead regard this article as intended for educational purposes only.

Share this post:
Leadpages Team
By The Leadpages Team
How to write a privacy policy
squiggle seperator
Try it free for 14 days

Curious about Leadpages?

Create web pages, explore our integrations, and see if we're the right fit for your business.