Updating Your Privacy Policy for GDPR




Time to Read: 2m 0s

According to a 2016 study by TrustArc, 92% of users in the U.S. are concerned about online privacy, an increase of 45% from the previous year. Only 31% of users understand how their personal information is shared and 74% have limited their online activity due to privacy concerns, which has a serious impact on online advertising and transactions. Gaining and keeping the trust of site visitors and customers plays an important role in your success as a business. Act now by updating your policy to clearly state how data is collected and used and help prevent legal issues by incorporating the information required by GDPR.

GDPR and Privacy Policies

General Data Protection Regulation (GDPR) goes into effect on May 25, 2018 and is aimed at providing additional protection of personal data for citizens of the European Union (EU). This consumer protection initiative affects business not only in the EU but worldwide, and it is important for you to take the necessary steps to review how you collect data and gain user consent. Another important step is ensuring your privacy policy is updated and contains clear language about how you collect and use personal data. Your privacy policy should always:
  • be transparent, and written in an intelligible manner
  • use clear and concise language
  • be easily accessible
  • clearly state how users can request removal of their personal data
  • explain what data you collect, how it is collected, and how you keep it secure
  • notify users of cookie use
GDPR requires that you explain how data is used and how they can request removal of their personal data. To meet this requirement, you will need to establish a process for deleting personal data and clearly state the procedure in your privacy policy. Items you should include are:
  • what information and services their data is used for
  • whether providing data is required to access your site information or create a user account
  • if and how data is used for automated screening purposes (loans, credit scores, etc.)
  • name of your data controller and contact information for data removal requests
  • information about international privacy laws
  • your lawful basis for processing data
Long privacy policies filled with legal language can confuse consumers and prevent them from fully understanding how their personal information is used and collected. With policies like GDPR going into effect it is extremely important that your privacy policy is clear and easily understood by a general audience. Learn more about GDPR privacy policies and update your privacy policy using a GDPR Privacy Policy Generator.