On this page
- What is a privacy policy?
- Essential components of a good privacy policy
- Where to post your privacy policy
- Additional resources
What is a privacy policy?
A privacy policy is a legal document that outlines how your organization collects, uses, stores, and protects the personal information of its website visitors and users. A privacy policy that is visible and accessible on your website is essential for building trust with website visitors and ensuring compliance with global data protection regulations.
For ideas on where to post your privacy policy, visit Your organization's policies. MC Professional has partnered with Termly to help you create and publish your organization's policies on your website. As an MC Professional customer, you have special access to discounted rates with Termly.
Essential components of a good privacy policy
In general, a privacy policy for a website typically includes the following elements:
- Information Collection: This section describes the types of personal information your organization collects, such as names, email addresses, phone numbers, or any other data gathered through the website, including cookies and other tracking technologies.
- Purpose of Data Collection: It explains why your organization collects this information. This can include purposes like membership sign-up, event registration, newsletter subscriptions, or any other interactions with the website.
- Data Usage: The privacy policy should detail how your organization uses the collected data. For example, it may be used for communication, providing services, improving website functionality, or for marketing and promotions.
- Data Sharing: This section informs users whether your organization shares their data with third parties, such as sponsors, service providers, or affiliated organizations. It should specify the circumstances under which data is shared.
- Data Protection and Security: The policy outlines the measures taken to safeguard user data from unauthorized access or breaches. This might include encryption, secure servers, and access controls.
- User Rights: It describes the rights users have regarding their personal information, such as the right to access, correct, or delete their data, and how they can exercise these rights.
- Cookies and Tracking: If the website uses cookies or other tracking technologies, the privacy policy explains their purpose, how users can manage them, and their consent options.
- Policy Updates: This section informs users that the privacy policy may change over time and how they will be notified of such changes.
- Contact Information: The policy should provide contact details for users to reach out for privacy-related inquiries or concerns.
- Compliance with Legal Requirements: Mention compliance with relevant data protection laws, such as the General Data Protection Regulation (GDPR) in Europe or the California Consumer Privacy Act (CCPA) in the United States, if applicable.
- Effective Date: The privacy policy should have a clear effective date, indicating when it came into effect.
See the Society for Conservation GIS's privacy policy as an example.
Where to post your privacy policy
There are multiple ways to post and share your terms of use with your website's users. Please view the articles below for step-by-step instructions on each:- Upload your privacy policy document to the Media Manager feature of your account.
- Create a privacy policy article and link to it wherever you'd like.
- Add a link to your privacy policy in your website footer.
- Create a consent attribute in your database to track user consent for your privacy policy.
- Reach out to our support team to add a policy or consent banner code snippet to your website.
Additional resources
Data privacy laws that may affect your organization include:
If your organization doesn't already have a privacy policy, here are some resources that may help you create one:
The following are some privacy policy examples from other organizations. It is never advisable to copy and use the policies of another organization verbatim, but the policies linked below may provide examples for you as you design your own organization's privacy policy.