Ecommerce Content: Writing a Good Privacy Policy

There are a number of ways that a small business can obtain a privacy policy for its website. If you choose the “in-house method”, we offer eight tips to get you started.

A website privacy policy is an important piece of content that every business site, including ecommerce websites, needs to provide site visitors.  A small business owner should establish a professional privacy policy that relates to customer information and make that document readily available online.  Not only can this prevent you from being entangled in legal woes, but it will also help you to boost consumer confidence and to increase conversions.

Getting Started: What is a Privacy Policy?

The privacy policy appears as a clickable link on your site that takes your site visitors to a page that you provide. This page is statement that details what kinds of personal information you will collect from users visiting your website, who you will share the information you collect with, and how you will use and store that information.

How to Get a Privacy Policy

In 2009, a survey by TRUSTe showed that fifty-six percent of small business owners had no privacy policy in place.  The study also revealed that one-third of small businesses admitted that they “cut-and-pasted” a privacy policy from another business website to their own.  Copying a privacy policy is something you should not do, for many reasons other than the obvious copyright infringement. 

Not only could it damage your small business reputation, but a privacy policy is designed to protect and inform your site visitors. Rather than protect users, when you copy and paste a privacy policy from another source, you are creating a risky situation for your site visitors.

The best rule of thumb is to invest in a privacy policy like you would any business requirement. The optimal solution would be to pay legal the fees and hire a lawyer to draft a privacy policy document for your business. The problem of course, is that not all small businesses can afford to do this. Another option would be to take advantage of in-house knowledge and draft the document yourself, and then have it verified and finalized by a lawyer to help lower legal expenses.

Another option is to use an online service that offers a Privacy Policy Generator, such as the professional services offered by reputable companies, like TRUSTe. The service you choose should be verified to ensure industry compliance that is based on your own business practices.  Look for a service that will scan your website and any other business documents you provide, and then generate a privacy policy that is tailored to your business.

A Privacy Policy Check List

If you choose the do-it-yourself (DIY) route, there are a number of things that need to be disclosed to your site visitors in the document. The following check list offers eight topics you should cover in your privacy policy:

  • Tell users why you are collecting this information and describe how your business will use the information collected.
  • Specify what information you collect about a user and state what portion, if any, is personally identifiable.
  • Explain your data collection process. For example, let people know if the website sets cookies or maintains weblogs. Also inform people how long you will store the information.
  • If you run third-party ads or services that may collect user data, be sure to mention it in your document and link to the third-party provider’s own privacy policy.
  • Ensure that people can consent to the information collection (e.g. note it on a sign-up form or other collection page) and also ensure they can opt-out without hindering their site experience.
  • The Children’s Online Privacy Protection Act (COPPA) determines what information is collected from children online and how the information can be used. Make sure that your privacy policy strictly adheres to those guidelines.
  • Provide contact details right in the document for people who might have a question or concern about your privacy policy.
  • State any applicable laws used to govern your policy (e.g. the Privacy Act).

Online Resources

The Federal Trade Commission website is an excellent resource. Be sure to read through the legal requirements businesses are obligated to adhere to, and also read the COPPA act. This is a good place to start gathering information before drafting your website privacy policy.

Vangie Beal is a veteran online seller and frequent contributor to She is also managing editor of You can tweet with her online @AuroraGG.

Do you have a comment or question about this article or other e-commerce topics in general? Speak out in the E-Commerce Forum. Join the discussion today!

Comment and Contribute
* Required Field
Your email address will not be published

Note: No advertising, no spam, no keyword in name/nickname field. Thank you!

Free Resources

Subscribe To Our Daily Newsletter