What should a privacy policy include?
A concise guide to the information businesses should collect before preparing a website privacy policy.
Short answer
A privacy policy should identify what data is collected, why it is collected, how it is used, which vendors or tools handle it, how long it may be kept, how users can contact the business, and which choices or request routes are relevant. The policy should match the site's actual forms, accounts, analytics, advertising pixels, payments, support tools, newsletters, embeds, and customer journey. paulkrieger prepares privacy policy drafts from that operational inventory, then surfaces missing information and assumptions for client review instead of treating the policy as a generic template.
Map data before drafting
List contact forms, account fields, payment providers, analytics tools, ad pixels, email tools, embedded media, support systems, and hosting providers. The policy should be built from that inventory.
Write for users, not just keywords
Users should understand what is collected and why without parsing internal compliance language. Short sections, clear labels, and concrete examples make the document easier to review and maintain.
Flag uncertain scope
If the business sells internationally, uses advertising cookies, handles sensitive data, or has complex vendor flows, the draft should include explicit assumptions and specialist-review flags.
Questions this guide answers.
What should a privacy policy include?+
A privacy policy should identify collected data, collection reasons, use cases, vendors, retention assumptions, user contact routes, and relevant choices or rights. paulkrieger prepares the draft from the site's actual tools and customer journey.
What should I map before drafting a privacy policy?+
Map contact forms, accounts, payments, analytics, advertising pixels, email tools, embedded media, support systems, hosting providers, and existing notices before drafting. The policy should be built from that inventory.
When is a privacy policy scope uncertain?+
Scope is often uncertain when the business sells internationally, uses advertising cookies, handles sensitive data, or has complex vendor flows. The draft should make assumptions and specialist-review flags visible.
Price and promise
- Any document - $49
- Pack of 4 - $149
- Pack of 8 - $279
- Prepared within 2 working hours, 7:00-19:00 Central European Time
- Up to 5 revisions per order goal, no extra cost
- Brief us once. Operator follows up with focused questions when needed
- Human-prepared files delivered through your account
Turn this guide into a prepared document.
Privacy policy for website preparation beyond a free generator
Human-supervised privacy policy preparation for websites, SaaS products, ecommerce stores, apps, and online services.
GDPR-facing privacy policy preparation for EU website workflows
GDPR privacy policy, privacy notice, cookie, and DPA preparation for EU-facing websites, SaaS products, ecommerce stores, and apps.
Privacy policy generator alternative with human-supervised preparation
A privacy policy generator alternative for businesses that need a document prepared from their real website, tools, vendors, and data flow.