How to create a privacy policy for your blog

GDPR is just a few weeks away from being implemented! Hopefully, you’ve read my The Ultimate Guide to GDPR for bloggers’  and have understood a little more about what GDPR means and the consequences for your blog. If you’re still feeling overwhelmed, one of the simplest things you can do today is to get your privacy policy sorted!

Why do you need a privacy policy for your blog?

A privacy policy doesn’t have to be a complicated matter. A privacy policy simply outlines…

  • the type of data you’ll take from your readers (likely to be name and emails for blog comments and newsletters; along with cookies that track advertisements if you’re with Google Ads or another ad network and things like plugins)
  • How you will use the data.
  • How the user can ask for their data be deleted.
  • What you’ll do if there’s a data breach.

Many people think they’re not able to still have things like blogging comments on their site, but as long as you have valid reasons for the information you collect, a proper way of collecting it and a clear way to be deleted; a privacy policy is all that’s needed to tie things together.

It makes things super simple and if there are any issues, you can just point people to this part of your blog. It can be updated at any time so you can keep tweaking it as your understanding of GDPR develops. Just make sure your privacy policy is clearly dated, so your reader understands when it was last updated or written.

How to write a privacy policy

I have three blogs so at first, I was a bit baffled about what my privacy policies should look like. The first thing I did was made a list of the data I collected for each of my blogs. e.g.

When bloggers leave a comment they leave an email address and name via a Plug-In.

When bloggers enter a giveaway, they leave their email address and/or social handles via Rafflecopter or my blog commenting system.

When bloggers sign up for my newsletter, they leave their email address.

When I work with bloggers on blogger outreach I collect their bank details and postal address.

When bloggers visit my site and see adverts via cookies.

Then, I used this privacy policy creator. They ask you quite a few different questions (which is good because it means your privacy policy will be targetted to you) and then you have to put your email address in and your policy is sent to your inbox (check your junk because it went to mine!)

It’s not the most user-friendly (it’s in HTML code so you have to copy it into the HTML text version of your blog) and you will need to read it through as there was some US-specific guidance which I deleted. However, I used the template as a base and reworded a few parts so it was a bit more user-friendly.

When I was doing the privacy policy for my second blog, I tried this privacy policy template (as I didn’t want them to be completely identical). I actually think I prefer this one as it was a bit easier to manage-but it wasn’t as personalised.

*Updated* When I first published this post, a few people got in touch to say that they didn’t feel my policy included all the information it needed. My attitude to GDPR is that it will keep being a learning curve for me but I am currently…

Using this very useful GDPR-‘build your own privacy policy’ template to check I’ve included everything I need to and the ICO Privacy Policy checklist. so none of the above links are definitive templates, but they will be a useful starting point for me to keep adding to. There are complaint templates that can be purchased, but for me, personally, I’d like to keep learning and building my own privacy policy-especially since the goal posts seem to be changing!

Uploading your privacy policy

Once you’ve found your privacy policy, I would upload it to your page rather than a blog post. Then make sure your privacy policy is linked to on your homepage and anywhere else you might ask for data, e.g. if you have a newsletter sign-up page or are offering an ebook or free product for your readers. This can be a simple as saying ‘you can read my privacy policy here.’ Make sure it’s clearly dated with your contact information on; and if anything changes, update it with a new date.

If you’re interested you can read my privacy policy for this blog here. (as mentioned above, it is something I am continually working on so please don’t take it as 100% compliant before the 25th May. Hopefully, I will get there by then!)

I hope this blog post has proved helpful and do let me know if you need any more GDPR tips! I’m certainly not an expert but I hope blogging my experiences might be useful!

More Useful Posts to Read

The Ultimate Guide to GDPR 

Your Blog Growth Toolkit

Everything you need to know about tax self-assessment.


Pin It

Leave a Reply

Your email address will not be published. Required fields are marked *