Elle & Company

Is Your Website Missing This? You Could be Breaking the Law

Christina ScaleraLauren Hooker9 Comments

Adding a page to your blog that contains a privacy policy and any other pertinent legal disclaimers is not only smart, it can keep you out of legal trouble with the Federal Trade Commission (FTC). This is especially relevant if your blog contains advertising, allows readers to make comments, or you collect emails for a newsletter.

Privacy policies are required on any web page that collects information from consumers. This can include cookies your website places on your readers' browsers.

Moral of the story: if you have a website, you could be breaking the law if it doesn't have a privacy policy. It’s also a good idea to convey to your readers what you are doing (or not doing) with their information. When you are transparent with your readers like this, it builds their trust in your website, opinions, products and services.

Is Your Website Missing This? You Could Be Breaking the Law - The Elle & Company Collaborative

What is a privacy policy?

A privacy policy is merely a short description of the kind of information you collect from your visitors and what you do with that information. It is required by law when you are collecting any kind of data that could identify an individual. This information includes the visitor's name, email, location/address, phone number, etc.

How do I create a privacy policy?

While a privacy policy is a kind of legal document, it doesn't necessarily take an attorney to create or maintain it. Think of this document as one more way to create transparency and open conversation with your readers. In that vein, begin to write your privacy policy. For example, you might say,"we use the email address you give us to send you news and promotional discounts for our products," or, "our site collects cookies. Cookies are small data files that are sent from a browser and stored on your hard drive." The most important thing is that the policy be accurate- having an inaccurate policy is just as bad, if not worse, than having no policy at all.

Here are some resources to get you started on your privacy policy:

Privacy Policy Automatic Generator

This will automatically generate a generic privacy policy for your website with the minimal information you put in. While it is a good start, it is always advisable to edit and revise the policy to meet your needs. Furthermore, re-writing the policy in your own voice creates trust in your readers and allows you to understand what you are really promising in your policy.

Use other companies as examples

Go to a few of your favorite big blogs and companies and see what they have written for their privacy policy. Since I'm writing this post for a mostly female, creative entrepreneurial audience, I know you won't need the same privacy policy Google or Uber or some other equally techie company has. Try looking at these wonderful businesses for examples:

Emily Ley

Check out what they have included and what they've left out. With the exception of ProBlogger, all the businesses are primarily retailer websites so keep that in mind as well.

Your privacy policy is a living, breathing page

If you mess it up, just change it. Make sure you address the fact that the policy could change at any time. If you do change your privacy policy, it’s a good business practice to alert your visitors to the fact that it has changed. For example, you could write a little note at the bottom of your newsletter, and/or do something similar to what Pottery Barn has done with their updated privacy policy.

Pottery Barn Updated Privacy Policy Example:

Screen Shot 2015-11-07 at 9.57.56 PM.png

Think about what you want as a visitor on the sites you frequent

Write a draft of your privacy policy as a visitor to your site rather than the creator of your site. What do you want to hear? What feels good or bad to you?

Your policy doesn’t have to be full of legalese and terms you don’t understand. You can create a policy that speaks to your audience in a similar style as the rest of your site, so long as it addresses the main concerns in the next section.

What are the essential things my privacy policy should contain?

Your privacy policy needs to address:

  • What kind of information is collected & how (emails, cookies, names, etc.)
  • What you do with the information you collect
  • How you protect the information collected
  • What third parties have access to the information you collect (i.e. your hosting platform, server, ISP, employees/contractors, etc.)
  • Who is advertising on your site and what information the advertisers have access to (and while you're at it, it may be prudent to say something about how these are third parties with their own privacy policies and terms & conditions...)
  • Users implicit consent to your privacy policy by visiting your website
  • When the policy was last updated and a notification that the policy could change at any time, so visitors should always refer to your privacy policy for the latest version

Where do I display my privacy policy?

The second biggest mistake (behind not having any policy) I see bloggers and site owners making is failure to have the policy posted. It may be searchable but there isn't any direct link to the policy, which is another big no-no. You don't need to destroy your pretty little WordPress template, but try to fit the page into your footer area somewhere. Visitors who are looking for it are accustomed to this placement from other websites and will be going there to find it.


I don't stay up at night worrying about whether my privacy policy perfectly protects me. The chance the FTC cares about your little 'ole corner of the 'net is incredibly small. But to protect yourself with minimal effort, putting a privacy policy in place is a great idea. The biggest benefit after protection is that your readers will have a greater sense of trust in your business when you are upfront with them. Finally, if you're looking to take your blog from hobby to business, looking pro is essential, and this is just one more way to take your site to the next level with minimal effort.

Are you missing a privacy policy? Comment below!

Note: This informational post should not be construed as legal advice. Reading, sharing commenting or otherwise interacting with this content does not create an attorney-client relationship. If you have any questions regarding the information in this post, you should seek the advice of a licensed attorney in your State.

About the Author

Christina Scalera builds beautiful businesses from the inside out. She believes every creative deserves not only a dream, but a thriving business too. When she takes off her attorney hat she can be found in random places around the world, designing graphics for her blogs or horsing around in the woods. Photo: Shelby Rae Photographs

Website   |   Newsletter   |   Instagram