Privacy Policy – ​​What it is and how to create one

The European regulations on data protection and the new Spanish regulations on this subject have introduced changes to the web privacy policy . This section, unknown to many of those who are in the process of creating a website, is one of the most important and not including it can lead to significant sanctions.



What is the web privacy policy

Most websites collect data from their visitors , even the simplest ones. It is enough to have a contact form so that, for legal purposes, it is considered that there is handling of personal data.

Through the privacy policy text, what is done is  to explain to the Internet user why the owner of the page collects these data and what they are going to do with them, giving them in turn the possibility of accessing them and canceling or modifying them if considers it necessary.

What does the privacy policy affect?

After the entry into force of the  European General Data Protection Regulation (GDPR)  in 2018, data collection carried out by websites is in the spotlight of the authorities in charge of ensuring data protection.

In order to collect and process data,  it is necessary to justify that this action is really necessary. In the case of an online store this usually does not pose a problem, since to send an order to a customer it is necessary to know various information such as their full name, address or email.  

The problem comes when it comes to other types of web pages in which there is no direct commercial relationship  between the visitor and the company or professional, who owns that online space.

Despite this, in general it is understood that data processing can be carried out on all types of web pages , as long as it is done in accordance with the law and users are duly informed of both the processing that will be carried out. carried out as their rights, and that is precisely why the web privacy policy exists .  

Nowadays, all web pages are required to have a privacy policy text  that the user can consult, and the same goes for advertising emails , which must carry a link to the text referring to data protection. 

How to create the privacy policy

This text must be accessible and very clear, avoiding the use of technicalities that could prevent the interested party from really understanding what is being said. In addition, the privacy policy section must be easily visible from any browser and be free of any obstacles that could interfere with reading, such as advertisements or banners .     

What cannot be missing from the privacy policy are:

  • Contact details of the person responsible for the website

  • Contact details of the data protection officer

  • Legality of the data collection process

  • Objectives of data processing

  • Data recipients

  • Conservation periods

  • Rights of the interested party

The web privacy policy may be different in each case, but these elements can never be missing . However, as it is a fairly complex issue, it is best in many cases to leave the preparation of this text in the hands of legal experts.