What is the Privacy Policy of a Website or an App?

Privacy Policy

The Privacy Policy of a Website or an App (or Privacy Policy) is the document with which users are informed about the purposes and methods of processing their personal data. This document, therefore, represents the communication to users of any information necessary to guarantee correct and transparent data processing in accordance with the law (for example, the purposes of the processing, the data retention period, the right to withdraw consent to the processing, information on the data controller, etc.).

The online privacy policy is mandatory whenever personal data is processed on a website or application. According to the European privacy regulation (GDPR in English), the processing is defined as any operation carried out on the user’s personal data in an automated or non-automated way (for example, storage, use, reading, communication of data, etc.).

Remember that the ‘ lack of or incorrect information privacy the user is punishable by a penalty fine of up to EUR 20 million or up to 4% of the turnover annual world, taking into account the individual case, the nature, severity, duration of the infringement, etc.

When using the privacy policy for websites or apps

The privacy policy for websites and apps is used to communicate to users the necessary information required by current legislation both for a website and for a desktop or mobile application. The document will adapt on the basis of the selected options and can be used for any type of service provided to users (e.g. blogs, e-commerce, information sites, e-marketplaces, etc.), as well as for any purpose of processing the data.

This document will need to be posted online on your site or within an application. If, on the other hand, you need a document to manage the processing of data for offline activities such as shops, doctors’ offices or for employee data, you will need to use a different document: the privacy policy for offline activities.

You can specify the purposes for which you will collect the data by choosing from a list of predefined purposes (e.g. sending emails or newsletters, interacting with live chat, etc.) or, for special needs, you can describe the purposes in a personalized way.

The privacy policy is also used when products or services are offered to foreign users. In these cases, it is possible to create the document in English or in two languages ​​to facilitate consultation. It is in fact mandatory that the information is always understandable even to foreign users and must therefore be translated into all the languages ​​in which the site or app is available.

What the GDPR compliant privacy policy model contains

Our privacy policy meets all legal requirements and contains all the information required by current privacy legislation and European regulations (GDPR):

  • Types of personal data collected: it is possible to choose between data voluntarily provided by the user (contact data, information, content, sensitive data, data collected from social media, etc.) and automatically acquired data (usage data, geolocation data, data collected through cookies, etc.)
  • Purpose of processing: the purposes for which personal data are collected must be listed (e.g. statistical purposes, user profiling, payment management, etc.). We have prepared the interview allowing you to choose between pre-set and/or customizable purposes
  • Processing methods: the electronic or manual tools with which the data are collected, the methods of organizing the data, the security measures to prevent unauthorized access, disclosure, modification or destruction of data must be indicated
  • Data recipients: the names of the third party’s recipients of the data or the economic or commodity categories to which they belong must be indicated (e.g. marketing consultants, shippers, etc.)
  • Legal basis of the processing: the basis on which the processing is based (consent, legal obligation, contractual obligation, etc.)
  • Place: where the data are stored and if they are transferred to a non-EU country
  • Automated decision-making processes: if procedures such as profiling and the logic with which they are used are used
  • Data retention period: how long the User’s personal data are stored;
  • Rights exercisable by users: the legislation expressly requires you to enter the list of what a user can do (ask for data removal, cancellation, transformation into anonymous form or blocking of data, etc.)
  • Identification data of the data controller and/or the data protection officer (DPO): all data must be entered to identify and contact who determines the purposes and means of the processing of personal data. If appointed, the data protection officer must also be indicated
  • English language: it is also possible to generate the document in English if your users are foreigners.

The privacy policy is only one of the obligations provided for by the GDPR. Once you have downloaded your document, we will guide you step by step through all the necessary subsequent formalities (for example, the request for consent, the preparation of security measures and the preparation of the treatment register, etc.) so that the connected documents are correctly prepared. (eg. Cookie Policy or cookie information, etc.). If you need more help you can also request a website GDPR adjustment to adapt your website or app or request our GDPR consultation with an experienced lawyer to be followed up further.

Information you need

To complete the privacy policy, all the data of the site or App and of the owner are required. It can be very helpful to get help from your webmaster or IT consultant.

Remember that our interview does not generate a simple privacy policy template for websites and apps. Based on your answers, the system automatically draws up a customized contract model for your exact needs, guaranteeing its legal correctness.

The document can be modified free of charge in all its parts without time limits. Don’t worry so if you don’t have all the information available during the interview, you can always enter it later.

Other names

The privacy policy is also known as:

  • privacy policy for website or app compliant with the gap
  • privacy policy for websites or apps
  • information on the processing of personal data
  • GDPR policy statement

Other useful templates and facsimiles

  • Cookie Policy: to inform your site visitors of the cookies you will save on their browser
  • Terms and Conditions of a Website or an App: to regulate the rights and obligations of users of a website or application
  • Personal Data Processing Register: to collect all information relating to the management of personal data processed
  • Privacy Notice for Offline Activities: to inform your customers or employees about the use that will be made of their personal information
  • E-marketplace Membership Conditions: to regulate the relationship between the owner of an online marketplace and suppliers who sell products and/or services to users