Latest SeedProd News

WordPress Tutorials, Tips, and Resources to Help Grow Your Business

WordPress privacy policy

How to Create a WordPress Privacy Policy (Easy Guide) 

Written By: author avatar Stacey Corrin
author avatar Stacey Corrin
Stacey has been writing about WordPress and digital marketing for over 10 years and on other topics for much longer. Alongside this, she's fascinated with web design, user experience, and SEO.
     Reviewed By: reviewer avatar Turner John
reviewer avatar Turner John
John Turner is the co-founder of SeedProd. He has over 20+ years of business and development experience and his plugins have been downloaded over 25 million times.

Do you want to create a WordPress privacy policy?

By law, all websites should have a privacy policy to disclose the information you collect about your site visitors. And it’s a page all site owners should have, even if you’re a blogger, freelancer, or eCommerce business.

Creating a privacy policy isn’t that straightforward for site owners who’ve never made one before.

But don’t worry.

In this WordPress privacy policy step-by-step guide, we’ll show you how to create and add a legal privacy policy to your WordPress site and small business.

What is a Privacy Policy, and Why Do You Need One?

So first up, let’s recap what a privacy policy is. As we mentioned above, a privacy policy page is something all websites should have by law (in most countries) to make it clear what type of information your site collects.

Most websites collect data in many diverse ways. But for typical WordPress site business owners, here are some of the ways you might collect user data:

  • Contact information when visitors leave a comment
  • Comment cookies that remember those names and email details
  • Names and email addresses submitted through contact forms
  • Names and email addresses added when joining an email list
  • Information gathered when someone registers on your website
  • IP addresses and other data tracked by Google Analytics
  • Advertising platforms similar to Google Adsense that track users
  • Facebook Page plugin and profiling cookies
  • Other Social media widgets that track users

With this in mind, all live websites should have a privacy policy page. Not only does it display transparency to help customers trust you more, but it also protects you from legal issues that might arise by breaking privacy laws.

Furthermore, creating a Privacy Policy page helps you with the General Data Protection Regulation (the GDPR) compliance.

If you didn’t already know, GDPR is a European Union (EU) law that provides people with control over their personal data collection. The rule applies to every business around the world, even if you’re not in an EU country. 

Why not read this ultimate guide to WordPress and GDPR to understand how it can impact your website?

Additionally, the California Consumer Privacy Act (CCPA) and California Online Privacy Protection Act (CalOPPA) apply to businesses and service providers that cater to customers in California, so it’s another piece of legal advice you need to read up on to stay compliant in that area.

But now, the question you’re probably asking is, “Is WordPress GDPR compliant?”. 

The answer is yes. Since the launch of WordPress 4.9.6, the core software of WordPress is GDPR compliant, as well as WordPress.com. The WordPress team added several enhancements to ensure compliance. 

You’ll still need to create a WordPress privacy policy to cover the other tools, WordPress plugins, and services you use and embed besides the core WordPress software.

What to Include in Your WordPress Privacy Policy

Now that you know what a privacy policy is, you might be wondering what to include in your disclaimer and if you’re able to write your own. 

To write your own privacy policy page, you should list all the ways you collect and plan to collect user information on your website.

A simple WordPress privacy policy page should include the following details:

  • The information you gather about people visiting your site.
  • The methods you use to collect that information, for example, cookie consent, comment forms, contact forms, registration functionality, etc.
  • Mentions of all third-party advertisers collecting information on your site, such as Google Adsense. 
  • Links to the privacy policies of each advertising program you work with.
  • Any other third-party services that collect personal information.
  • Instructions for how users can opt-out of advertisements and block cookies.
  • Your contact details so users can get in touch with any questions.

If you’d prefer not to write your policy from scratch, there’s a range of websites available that automatically generate your privacy policy or terms of service text.

In fact, WordPress comes with a basic privacy policy generator you can use as a starting point.

Or you can take a look at SeedProd’s Privacy Policy page for inspiration on where to start instead of searching for a privacy policy template online.

Now that you know what a privacy policy is and what to include when creating your own, it’s time to learn how to build one.

Creating a WordPress Privacy Policy

Creating a privacy policy page on your WordPress website is pretty straightforward. As we mentioned above, WordPress provides you with a default privacy policy page template to use, with pretty clear instructions on how to add your tailored content to it.

To begin, head to Settings » Privacy. As you can see below, WordPress has already created a draft Privacy Policy page to start with.

Draft WordPress privacy policy page

To use the draft policy, click the Use This Page button. Or you can create a brand new privacy policy page by clicking the Create New Page button. From there, WordPress will open the page up for you to make changes.

For this guide, we’ll edit the draft WordPress privacy policy page. So go ahead and click the Edit link as shown below.

Edit wordpress privacy policy draft

Once you open your draft privacy policy, you’ll see a notice directing you to a privacy policy guide. It includes extra help and suggestions for what to add to your policy page.

Privacy policy guide notice

The content of your draft privacy policy page also includes details on how to edit each section.

You’ll see there are several sections dedicated to ways your WordPress site might collect personal information, for example, comments, media, contact forms, cookies, and more.

Privacy policy data collection sections

Plus, there are a few sections with no information under them, like contact forms and analytics.

Default WordPress privacy policy sections with no information

For the contact form section, you can write about the information you collect and what you do with it. And if you’re already using the WPForms plugin to create a contact form, then you’re already creating GDPR-compliant forms that come with a confirmation checkbox to opt-in.

On the other hand, for Google Analytics, you can follow this guide to Google Analytics and GDPR.

If you’re showing ads using third-party ad networks (such as Google Adsense), it’s a smart move to get users’ consent for using cookies and web beacons to collect their data. You can do this by using a plugin like Cookie Notice, or you can see this guide on the best GDPR plugins for WordPress.

Once you’ve carefully reviewed your privacy policy page, click the Publish button to save it. Then you can discover the best place to display your WordPress privacy policy page.

Where to Display Your Privacy Policy in WordPress

The majority of websites display a link to their privacy policy in their site footer. That way, the link’s visible across every website page without taking up space in the main navigation menu.

There are several ways to add your privacy policy link to your footer. The easiest way is to put the link in a widget-ready area of your WordPress footer.

Most WordPress themes include widget-ready areas for your site’s footer. They might be called footer sidebars or footer widget areas.

Head to Appearance » Widgets to see if your WordPress theme has a footer widget area.

Locate your theme's footer widget areas

If your theme does have a footer widget area, you can display your privacy policy link using the default Navigation Menu widget.

But first, you’ll need to create a new navigation menu. 

To create a new navigation menu, head to Appearance » Menu and click the Create a New Menu link.

Create new custom WordPress menu

Then give your menu a name and click Create Menu.

Create new menu in WordPress

From there, select the pages you’d like to add to your footer menu from the left column and click Add to Menu.

Add pages to menu

Your selected pages then appear in the right menu column. Click and drag any menu item to rearrange the layout. Then when you’re done, click Save Menu to confirm the changes.

Rearrange and save your WordPress menu

Now go to Appearance » Widgets, click the plus icon on your chosen footer sidebar and search for the Navigation Menu widget.

Add the navigation menu widget to the footer widget area

Then choose the custom menu you added earlier from the drop-down list of the widget settings. Don’t forget to click the Save button to confirm the changes. 

Now you can visit any page on your website to see your privacy policy link in the footer area.

Display your WordPress privacy policy link in the footer of your site.

If you find that your WordPress theme doesn’t have a footer widget area, you can manually add a link to your privacy policy page to your footer with HTML code.

To do this, you’ll have to edit a file in your theme called footer.php. Editing theme files can be tricky if you haven’t done it before, so read up on how to copy and paste code in WordPress here.

Now, in your footer.php file, add the following HTML code snippet just before the </body> tag.

<a href="http://example.com/privacy-policy">Privacy Policy</a>

Don’t forget to replace the example URL above with the URL of your privacy policy page. With that done, save the changes, and when you preview your website, you’ll see the link in action.

Frequently Asked Questions

Do I need a privacy policy for my WordPress site?

Yes, you do. In most countries, websites that collect personal information from users are required to have a privacy policy. This is because privacy laws require businesses to be transparent about how they collect, use, and share personal information. A privacy policy also helps to build trust with your users and protect you from legal liability.

Where should I publish my WordPress privacy policy?

You should publish your WordPress privacy policy on a page on your website that is easily accessible to users. You should also link to your privacy policy from any page on your website where you collect personal information from users.

How often should I update my WordPress privacy policy?

You should update your WordPress privacy policy whenever you make changes to the way you collect, use, or share personal information from users. You should also update your privacy policy if you are required to do so by law.

What are the risks of not having a WordPress privacy policy?

There are several risks associated with not having a WordPress privacy policy. These risks include:

  • Non-compliance with the law
  • Loss of trust with users
  • Legal liability

And that’s all!

You now know how to create a WordPress Privacy Policy page for informing website visitors of the data you collect.

We hope this article was helpful, and if you’re interested in adding more ways for visitors to contact you, check out this tutorial on how to make a click-to-call link in WordPress.

And don’t forget to follow us on Facebook and Twitter for more helpful tips and tutorials.

author avatar
Stacey Corrin Writer
Stacey has been writing about WordPress and digital marketing for over 10 years and on other topics for much longer. Alongside this, she's fascinated with web design, user experience, and SEO.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. We only recommend products that we believe will add value to our readers.