How to Create a WordPress Privacy Policy (Easy Guide) 

Do you want to create a WordPress privacy policy?

By law, all websites should have a privacy policy to disclose the information you collect about your site visitors. And it’s a page all site owners should have, even if you’re a blogger, freelancer, or eCommerce business.

Creating a privacy policy isn’t that straightforward for site owners who’ve never made one before.

But don’t worry.

In this WordPress privacy policy step-by-step guide, we’ll show you how to create and add a legal privacy policy to your WordPress site and small business.

What is a Privacy Policy, and Why Do You Need One?

So first up, let’s recap what a privacy policy is. As we mentioned above, a privacy policy page is something all websites should have by law (in most countries) to make it clear what type of information your site collects.

Most websites collect data in many diverse ways. But for typical WordPress site business owners, here are some of the ways you might collect user data:

• Contact information when visitors leave a comment
• Comment cookies that remember those names and email details
• Names and email addresses submitted through contact forms
• Names and email addresses added when joining an email list
• Information gathered when someone registers on your website
• IP addresses and other data tracked by Google Analytics
• Advertising platforms similar to Google Adsense that track users
• Facebook Page plugin and profiling cookies
• Other Social media widgets that track users

With this in mind, all live websites should have a privacy policy page. Not only does it display transparency to help customers trust you more, but it also protects you from legal issues that might arise by breaking privacy laws.

Furthermore, creating a Privacy Policy page helps you with the General Data Protection Regulation (the GDPR) compliance.

If you didn’t already know, GDPR is a European Union (EU) law that provides people with control over their personal data collection. The rule applies to every business around the world, even if you’re not in an EU country. 

Why not read this ultimate guide to WordPress and GDPR to understand how it can impact your website?

Additionally, the California Consumer Privacy Act (CCPA) and California Online Privacy Protection Act (CalOPPA) apply to businesses and service providers that cater to customers in California, so it’s another piece of legal advice you need to read up on to stay compliant in that area.

But now, the question you’re probably asking is, “Is WordPress GDPR compliant?”. 

The answer is yes. Since the launch of WordPress 4.9.6, the core software of WordPress is GDPR compliant, as well as WordPress.com. The WordPress team added several enhancements to ensure compliance. 

You’ll still need to create a WordPress privacy policy to cover the other tools, WordPress plugins, and services you use and embed besides the core WordPress software.

What to Include in Your WordPress Privacy Policy

Now that you know what a privacy policy is, you might be wondering what to include in your disclaimer and if you’re able to write your own. 

To write your own privacy policy page, you should list all the ways you collect and plan to collect user information on your website.

A simple WordPress privacy policy page should include the following details:

• The information you gather about people visiting your site.
• The methods you use to collect that information, for example, cookie consent, comment forms, contact forms, registration functionality, etc.
• Mentions of all third-party advertisers collecting information on your site, such as Google Adsense. 
• Links to the privacy policies of each advertising program you work with.
• Any other third-party services that collect personal information.
• Instructions for how users can opt-out of advertisements and block cookies.
• Your contact details so users can get in touch with any questions.

If you’d prefer not to write your policy from scratch, there’s a range of websites available that automatically generate your privacy policy or terms of service text.

In fact, WordPress comes with a basic privacy policy generator you can use as a starting point.

Or you can take a look at SeedProd’s Privacy Policy page for inspiration on where to start instead of searching for a privacy policy template online.

Now that you know what a privacy policy is and what to include when creating your own, it’s time to learn how to build one.

Creating a WordPress Privacy Policy

Creating a privacy policy page on your WordPress website is pretty straightforward. As we mentioned above, WordPress provides you with a default privacy policy page template to use, with pretty clear instructions on how to add your tailored content to it.

To begin, head to Settings » Privacy. As you can see below, WordPress has already created a draft Privacy Policy page to start with.

To use the draft policy, click the Use This Page button. Or you can create a brand new privacy policy page by clicking the Create New Page button. From there, WordPress will open the page up for you to make changes.

For this guide, we’ll edit the draft WordPress privacy policy page. So go ahead and click the Edit link as shown below.

Once you open your draft privacy policy, you’ll see a notice directing you to a privacy policy guide. It includes extra help and suggestions for what to add to your policy page.

The content of your draft privacy policy page also includes details on how to edit each section.

You’ll see there are several sections dedicated to ways your WordPress site might collect personal information, for example, comments, media, contact forms, cookies, and more.

Plus, there are a few sections with no information under them, like contact forms and analytics.

For the contact form section, you can write about the information you collect and what you do with it. And if you’re already using the WPForms plugin to create a contact form, then you’re already creating GDPR-compliant forms that come with a confirmation checkbox to opt-in.

On the other hand, for Google Analytics, you can follow this guide to Google Analytics and GDPR.

If you’re showing ads using third-party ad networks (such as Google Adsense), it’s a smart move to get users’ consent for using cookies and web beacons to collect their data. You can do this by using a plugin like Cookie Notice, or you can see this guide on the best GDPR plugins for WordPress.

Once you’ve carefully reviewed your privacy policy page, click the Publish button to save it. Then you can discover the best place to display your WordPress privacy policy page.

Where to Display Your Privacy Policy in WordPress

The majority of websites display a link to their privacy policy in their site footer. That way, the link’s visible across every website page without taking up space in the main navigation menu.

Adding Your Privacy Policy Link to WordPress Footer With a Widget

There are several ways to add your privacy policy link to your footer. The easiest way is to put the link in a widget-ready area of your WordPress footer.

Most WordPress themes include widget-ready areas for your site’s footer. They might be called footer sidebars or footer widget areas.

Head to Appearance » Widgets to see if your WordPress theme has a footer widget area.

If your theme does have a footer widget area, you can display your privacy policy link using the default Navigation Menu widget.

But first, you’ll need to create a new navigation menu. 

To create a new navigation menu, head to Appearance » Menu and click the Create a New Menu link.

Then give your menu a name and click Create Menu.

From there, select the pages you’d like to add to your footer menu from the left column and click Add to Menu.

Your selected pages then appear in the right menu column. Click and drag any menu item to rearrange the layout. Then when you’re done, click Save Menu to confirm the changes.

Now go to Appearance » Widgets, click the plus icon on your chosen footer sidebar and search for the Navigation Menu widget.

Then choose the custom menu you added earlier from the drop-down list of the widget settings. Don’t forget to click the Save button to confirm the changes. 

Now you can visit any page on your website to see your privacy policy link in the footer area.

Manually Adding Your Privacy Policy Link to WordPress

If you find that your WordPress theme doesn’t have a footer widget area, you can manually add a link to your privacy policy page to your footer with HTML code.

To do this, you’ll have to edit a file in your theme called footer.php. Editing theme files can be tricky if you haven’t done it before, so read up on how to copy and paste code in WordPress here.

Now, in your footer.php file, add the following HTML code snippet just before the </body> tag.

<a href="http://example.com/privacy-policy">Privacy Policy</a>

Don’t forget to replace the example URL above with the URL of your privacy policy page. With that done, save the changes, and when you preview your website, you’ll see the link in action.

Frequently Asked Questions

And that’s all!

You now know how to create a WordPress Privacy Policy page for informing website visitors of the data you collect.

We hope this article was helpful, and if you’re interested in adding more ways for visitors to contact you, check out this tutorial on how to make a click-to-call link in WordPress.

And don’t forget to follow us on Facebook and Twitter for more helpful tips and tutorials.

Stacey Corrin Writer

Stacey has been writing about WordPress and digital marketing for over 10 years and on other topics for much longer. Alongside this, she's fascinated with web design, user experience, and SEO.

See Full Bio

WordPress SEO Content Marketing Digital Marketing SaaS Copywriting Web Design