“Market-leading” General Data Protection Regulation templates can cost hundreds of Pounds, so I thought I’d turn my hand to writing a GDPR data protection and privacy policy. In the spirit of my Contract Killer , I’ve called this one “(Data) Protection Racket.” It’s yours to adapt and use for free, but if you like it, why not send me a little money ? (If you don’t, I promise to not set your restaurant on fire.)

The EU’s General Data Protection Regulation (GDPR) comes into effect on May 25th 2018 and web designers and our clients need to be prepared. This open source GDPR privacy policy template is designed for web professionals.

If you use this GDPR privacy policy template , consider saying “thank you” with a small donation.

Use of private information policy (GDPR)

Last updated: [date]

Summary:

We respect the EU’s General Data Protection Regulations (GDPR) and this policy explains how we collect and treat any information you give us. You won’t find any complicated legal terms or long passages of unreadable text. We’ve no desire to trick you into agreeing to something you might later regret.

Our policy covers

Why we value your privacy

We value your privacy as much as we do our own, so we’re committed to keeping your personal and business information safe. We’re uncomfortable with the information companies, governments, and other organisations keep on file, so we ask for only the bare minimum from our customers. We’ll never use your personal information for any reason other than why you gave it, and we’ll never give anyone access to it unless we’re forced to by law.

How we collect information

We ask for contact information including your name, email address, and phone number, on our website so that we can reply to your enquiry.

Our website doesn’t use cookies or scripts that were designed to track the websites you visit. We don’t use analytics or native social media ‘like’ or ‘sharing’ buttons which also build profiles of your internet activity.

We collect your email address when you sign up for one of our newsletters.

We ask for your account and contact information when you hire or buy something from us.

Occasionally, we might receive your contact information from one of our partners. If we do, we protect it in exactly the same way as if you give it to us directly.

What information we hold

When you contact us by email or through our website, we collect your name, email address, phone number, a social media username, and the company you work for, if you’ve given us that.

If you sign up for a newsletter, we only collect your email address.

When you buy something from us, we collect your name, email address, phone number, and a delivery address.

If you do business with us, we also collect your business name and bank details and keep records of the invoices we send you and the payments you make.

All purchases are processed by [ _ ], our ecommerce platform and we never have access to your credit card information.

Where we store your information

When you contact us by email or through our website, we store your your information in [_], our Customer Relationship Management (CRM) software. If you sign up for a newsletter, we store your email address in [_], which is the marketing platform we prefer. When you buy something, your information is stored in [_], our ecommerce platform, and if we do business, we store your information in our accounts software, [_]. We chose these systems partly for their commitment to security.

What we use your information for

We occasionally use your contact information to send you details of our products and services. When we do, you have the option to unsubscribe from these communications and we won’t send them to you again. We might also email or phone you about our products and services, but if you tell us not to, we won’t get in touch again. We will use your information to send you invoices, statements, or reminders.

Who’s responsible for your information at our company

[_], our [_], is responsible for the security of your information. You can contact them by email at [_] or by phone on [_] if you have any concerns about the information we store.

Who has access to information about you

When we store information in our own systems, only the people who need it have access. Our management team have access to everything you’ve provided, but individual employees have access to only what they need to do their job.

The steps we take to keep your information private

Where we store your information in third-party services, we restrict access only to people who need it. We store passwords in [_], an encrypted password manager, use a different, randomly generated password for each service, and never use the same password twice.

The computers we use are all encrypted using [_] and are protected by a passcode or fingerprint access. These computers ask for authentication whenever they’re started or after 5 minutes of inactivity. Our mobile devices are also protected by a fingerprint or facial recognition.

How to complain

We take complaints very seriously. If you’ve any reason to complain about the ways we handle your privacy, please contact [_] by email at [_] or by phone on [_]. If you’re the letter writing type, send your envelope to [_]

Changes to the policy

If we change the contents of this policy, those changes will become effective the moment we publish them on our website.

If you like this GDPR privacy policy template, consider saying “thank you” with a small donation.

Donate by PayPal