Does your blog have a privacy statement? I’m guessing if you’re here, it probably doesn’t, but you’re thinking that it should. And I’m here to tell you – yep, it should! Let’s discuss what a privacy statement is and why your blog needs one.

The privacy statement or policy tells your site’s visitors what kind of information is collected about them when they’re on your site. This is important because it shows your visitors what you’re doing with their info, which helps them to trust you and your services. Transparency is super important, right?  You may just be good with a simple blog privacy statement, but if you display third-party ads, collect/share any information about your visitors (like email addresses) or use info for analysis, then you need to have a more detailed policy that clearly outlines what you collect, how you use it and what you share.

But don’t be scared. I’m gonna break it down for you!

How to Create Your Blog Privacy Statement - chances are your blog NEEDS a privacy statement. Don't have one yet? No sweat - click through to learn why you need a privacy statement and what it should include. PLUS a free checklist!

So let’s dig into this a little more. There are a few laws in the US that require a privacy policy if you collect any personal data or information. “Personal” data includes anything that could identify an individual, such as their email address, first and last name, billing and shipping address and credit card information.

Additionally, many third party advertisers (such as Google Adsense and Amazon) also specifically require that you have a privacy statement on your blog or website. Google AdSense requires a policy that outlines to your visitors exactly how Google collects and uses information about your blog visitors. Even if you DON’T participate in an ad program that requires a published privacy policy, it doesn’t hurt to have one on your blog.

All of this is meant to protect the consumer by being as transparent as possible. Makes sense – you want to know the sites you’re visiting aren’t hoarding and selling your personal info. So offer your blog visitors that same peace of mind!

The main thing to remember when creating a privacy policy is to put it all out there. Let your readers know what info you collect, how you collect it, if you do/don’t share info, etc. Be honest and then actually stick to what you’re saying. It’s pretty simple – make sure that you are protecting people’s information and keeping everything secure.

There are various places where you can copy and paste a free privacy policy, but this isn’t a time to be cheap. Make sure that your privacy policy is customized to your site and your needs. It’s far better to take the time now to create something the right way so you don’t have problems down the line. A few options are to craft your own policy and have an attorney review it, work with an attorney for a customized policy or use an online template that you customize to your own needs and information.

Here is a list of the basics of what your policy should include. This isn’t an exhaustive list since it may be slightly different depending on your site. (Additionally, I am a US-based attorney so this list was compiled with US laws in mind. Note that the laws and regulations in other countries and jurisdictions may differ.)

1. Written in plain English

Your policy doesn’t have to be written in legal jargon in order to be valid. Write in plain English so your visitors can easily understand what your policies are. Your policy also needs to be easily found on your site and should be easily readable (so don’t use tiny font or a text color that’s unreadable since that is obviously helpful to no one).

2. What info is collected, used or shared

Include language letting your readers know exactly what type of information is being collected, such as their email addresses for comments, cookies for advertising, credit card data if you make sales on your site, etc. You might be collecting information you don’t even realize, such as if you require an email address to leave comments or you collect email addresses when people sign up for your email list. Let people know you’re collecting this info.

Also let people know if are sharing their information. For example, if you have an email list, your email service provider (such as MailChimp) has access to those email addresses, so let your visitors know this. You should also note if third party advertisers (like Google AdSense or BlogHer) have access to their information. If you have affiliate links, here is where you can also note that info is collected through affiliate links.

Related Post: What You Need to Know to (Legally) Work with Brands

3. How info is collected

You most likely are collecting information through the use of cookies, since cookies abound on the internet. If you’re looking at where people are clicking from, what country they’re in or other demographic or behavioral data through something like Google Analytics, then you are collecting info. So let your site visitors know how you’re getting.

You are likely also collecting information like email addresses through voluntary means, such as when people leave comments or download a freebie in exchange for their email address.  Lastly, if you do any sort of transactions on your blog (such as direct sales through Stripe or PayPal), let visitors know that you use a certain service in order to process payments and let them know how you ensure their transactions will be secure.

4. What you do with the info

Let your users know how you use info that is collected. Is it just for the use of analytics to figure, do you require email addresses for comments just so you can reply, do you share email addresses with a third party besides your email service provider (you shouldn’t be, so here is where you can say that you don’t share/sell email addresses), are you tracking people’s buying habits so you can sell them more stuff? Whatever it may be, here is where you need to put it all out there.

Hopefully you aren’t collecting info for nefarious purposes, so here is a good place to put your visitors’ minds at ease. Let them know what you’re doing with their info and (maybe even more importantly) what you’re not doing with it (selling it, sharing it, etc).

As noted above, you might be sharing info with affiliates, partners or advertisers, for advertising purposes. Here is where you would indicate that. Be specific if you can and list out your affiliate or partner networks.

There are some cases where you might be compelled by law to release certain information, so you can include a quick statement that you may share info if required by law or to prevent harm to others, etc.

Related Link: Legal Marketplace

5. Links to other websites

It’s a good idea to include a statement that your website includes links to outside sites, but that you aren’t responsible for those other sites and they have their own privacy statements. This just makes it clear that your privacy policy shouldn’t be assumed to extend to any sites that you link to.

6. How to opt out /change

You should let your readers opt out if they don’t agree with your policies. This would mainly mean that if they don’t agree, they shouldn’t access your site. You should also advise them that they can opt out of any email marketing at any time. Then, of course, you have to actually take them off of your email list if they ask.

Related Post: Email Newsletters and the Law

7. Updates

Include a section that your policy is subject to change and that you will either let users know of any changes or that changes will be posted without notice.

8. Questions and contact information

This section will allow anyone who has questions or concerns to contact you. Include a contact form and/or your email address.

I know this is a lot to remember and you might not be ready to write your privacy statement right this minute. So I’ve created a handy checklist for you. Refer back to this little guy when you’re ready to write your statement. Remember this isn’t an exhaustive list but it’s a great way to get you started. Your own statement will depend on your website/blog, so make sure to include language that addresses all of your possible situations.

So any questions about privacy statements? Have you written yours yet? If you already have one, use this post and the above checklist to make sure you have all of these elements. You can also work with an attorney to write your statement. Lastly, if you want a statement but aren’t sure where to even start, check out my Legal Marketplace where you can purchase a template privacy statement. It includes the meat that privacy statements need to include, plus instructions on how to customize the statement to your personal needs! As an attorney, I wrote this template as a starting point with bloggers in mind. 

Disclaimer: I am an attorney, but I am not your attorney. The information in this article is for general informational purposes only and is not legal advice. This article does not create an attorney-client relationship. The author is not liable for any losses or damages related to actions of failure to act related to the content in this article. If you need specific legal advice, consult with an attorney who specializes in your subject matter and jurisdiction.