Do I still need a privacy policy if I’m a small UK business? The continued updates in EU privacy laws and Brexit may have confused you about what you actually need. We’ll cover some of those frequently asked questions and talk templates in this short post.
The GDPR, which used to be binding law in the UK until Brexit took effect on Dec. 31st, 2020 (Read more about the GDPR and when it applies here.), is now, for the most part, still applicable in the UK as “UK GDPR” as long as no new national data protection act or legislation is passed.
We have an article dedicated to GDPR & Brexit – What it means for businesses and the impact on data protection, which you can access here for further reading.
No matter what size, if your business is based in the UK, you need a privacy policy if you gather personal information from users. This also includes mobile apps, a blog, an eCommerce, and a newsletter. It’s required by law and can be required by third-party services.
The following are the most fundamental components of a privacy policy:
The truth is that the subject of privacy rules is quite complex. As a result, a template for a privacy policy must consider various factors, such as what you are doing on your website that is privacy relevant, not to mention where you and your users are located. That’s difficult to handle when you consider the dozens and dozens of relevant things you may be doing on your site. So…
Privacy information must be up to date, comprehensible, unambiguous, and easily available throughout the website to meet GDPR disclosure and transparency standards.
The GDPR can apply to you whether you live in the EU or have EU users, and the repercussions of non-compliance can be severe. To be compliant, your policy must include at the very least:
Disclose the personal data gathered and the purposes for which they were obtained; provide an accurate list of all third parties with whom the data is shared, and notify users of their data rights.
See this GDPR-compliant privacy policy created with our generator for an example of how these elements come together. Click on the button to open the document:
Just click on the button to open it!
Privacy Policyiubenda makes it easy to comply with legal requirements across multiple countries’ legislation (including the GDPR). With hundreds of available clauses, our privacy policies contain all the elements commonly required across many regions and services while applying the strictest standards by default – giving you the option to fully customize as needed.