A privacy policy is a legal statement on an app or website clearly outlining what aspects of a user’s data are collected, how it is stored, and what is done with that information. Online activity used to occur like this when sharing information was like the wild west. Thankfully, we’re in a more sophisticated age, though it does require more advanced policies around privacy and data sharing.

Defining A Privacy Policy

As this is a legal document. It’s important all i’s are dotted and t’s crossed. Should a business fail to list that some aspect of data is being stored and users discover this, then the business is open to a fraud lawsuit. The collection and use of data by any third parties connected to your business, app, and website must also be mentioned. Even if you’re not using the data, if a third party in connection to your website or app is, then it has to be listed in your privacy policy as well.

The App's Privacy Policy

A general overview of what you need in a privacy policy:<ul><li>Collection of personal data</li><li>Use of personal data</li><li>Disclosure/sharing of personal data</li><li>Advertising and Analytics Services Provided by Others</li><li>Data Transfers and Retention </li><li>Third-Party Services </li><li>Your preferences</li><li>Privacy rights for California consumers</li></ul>

Things Included In The Privacy Policy

Now that data storing and <a href="https://designli.co/blog/guide-to-monitoring-and-interpreting-your-mobile-app-analytics/">information tracking</a> are common digital practices, it’s important businesses are upfront about how a user’s personal information is managed. Providing clarity around this topic both protects the business from accusations for data mishandling, as well as lets the user make informed decisions about which websites and apps they trust. Mark Zuckerberg’s testimony at a 2018 Senate hearing is an illustrative example of the consequences of privacy policies not accurately reflecting a business’ data practices.

The Need Of A Privacy Policy

In most circumstances, it’s required to have a privacy policy stated on your app, web app, and website. For example, if you want to <a href="https://designli.co/blog/how-to-successfully-submit-your-app-to-the-app-store/">host your app in the Apple app store</a> or Android app stores, then you have to include a clear privacy policy defining how users’ data is used. If you don’t, you can have your app suspended, rejected, or removed from their platforms.

The Two Main Platforms

A few notable privacy laws domestic to the USA are CalOOPA and CCPA. Without getting bogged down in the legal-ese of these laws, the overarching takeaways concern:<ul><li>How and why businesses collect data</li><li>Consumers right to know, consent, and opt-out of data collection</li><li>Penalties for businesses that fail to comply.</li></ul>

The Names Of The Laws

<img width="1920" height="1067" alt="privacy policy blog article" src="https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash.jpg" srcset="https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash.jpg 1920w, https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash-300x167.jpg 300w, https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash-1024x569.jpg 1024w, https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash-150x83.jpg 150w, https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash-768x427.jpg 768w, https://designli.co/blog/wp-content/uploads/2021/10/jason-dent-JFk0dVyvdvw-unsplash-1536x854.jpg 1536w"><img height="100" width="100" src="https://designli.co/blog/wp-content/uploads/2021/09/1629257499921-150x150.jpg"><div>Katie Iannace</div><div dir="ltr"> October 26, 2021</div>This article will dive into what an app privacy policy is, why you need one, what should be included, and the easiest way to get one for your website or app.&nbsp;<h2>What is an App Privacy Policy</h2>A privacy policy is a legal statement on an app or website clearly outlining what aspects of a user’s data are collected, how it is stored, and what is done with that information.&nbsp;Imagine what the world would look like if we did not have clear guidelines around what people did with your personal information. It would be akin to walking into a grocery store to pick up dinner and while there, employees are writing down everything about you. They’d record your home address, interests, search history, purchase history, and credit card number. When you leave the store, you have no idea what they’ll do with all that data nor how long they’ll save it.&nbsp;Online activity used to occur like this when sharing information was like the wild west. Thankfully, we’re in a more sophisticated age, though it does require more advanced policies around privacy and data sharing.<figure><img width="2560" height="1600" alt="Privacy Policy for App" src="https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-scaled.jpg" srcset="https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-scaled.jpg 2560w, https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-300x188.jpg 300w, https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-1024x640.jpg 1024w, https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-150x94.jpg 150w, https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-768x480.jpg 768w, https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-1536x960.jpg 1536w, https://designli.co/blog/wp-content/uploads/2021/11/Privacy-Policy_v-F-01-edited-2048x1280.jpg 2048w"></figure><h3>What needs to be included in an app’s privacy policy?</h3>Only every detail surrounding what is done with users’ data. Easy, right? But remember, this is a legal document. It’s important all i’s are dotted and t’s crossed. Should a business fail to list that some aspect of data is being stored and users discover this, then the business is open to a fraud lawsuit. These points outlined in the privacy policy can cover everything from IP and email address to social security numbers and bank accounts.&nbsp;It’s equally as important to clarify exactly why this data is being used. For example, perhaps storing location coordinates is relevant for showing you what restaurants in your area provide takeout Pad Thai. If an app records a device’s location, then the privacy policy needs to state why. What can’t be done is collecting this information and not stating in the policy how it is being used.&nbsp;What is important to note here is the collection and use of data by any third parties connected to your business, app, and website must also be mentioned. Even if you’re not using the data, if a third party in connection to your website or app is, then it has to be listed in your privacy policy as well.You can use what’s listed below as a general overview of what you need in a privacy policy:<OL><LI>Collection of personal data</LI><LI>Use of personal data</LI><LI>Disclosure/sharing of personal data</LI><LI>Advertising and Analytics Services Provided by Others</LI><LI>Data Transfers and Retention&nbsp;</LI><LI>Third-Party Services&nbsp;</LI><LI>Your preferences</LI><LI>Privacy rights for California consumers</LI></OL><h3>Examples of a Privacy Policy</h3>If you’ve come far enough where you’re needing a privacy policy for an app you’re developing, chances are you’ve had exposure in your life to other versions of one. For example, have you ever used Uber, browsed Reddit, paid someone with Venmo, or ordered a delicious $5 Hot-and-Ready from Little Caesars? If so, there is a privacy policy outlining how your information is being stored and used on those sites.<figure><img width="1300" height="766" alt="example of privacy policy footer links" src="https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-04-at-1.20.52-PM.png" srcset="https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-04-at-1.20.52-PM.png 1300w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-04-at-1.20.52-PM-300x177.png 300w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-04-at-1.20.52-PM-1024x603.png 1024w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-04-at-1.20.52-PM-150x88.png 150w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-04-at-1.20.52-PM-768x453.png 768w"></figure><h2>Why do you need an app privacy policy?</h2>Now that data storing and <a href="https://designli.co/blog/guide-to-monitoring-and-interpreting-your-mobile-app-analytics/" dir="ltr">information tracking</a> are common digital practices, it’s important businesses are upfront about how a user’s personal information is managed. Providing clarity around this topic both protects the business from accusations for data mishandling, as well as lets the user make informed decisions about which websites and apps they trust. Mark Zuckerberg’s testimony at a 2018 Senate hearing is an illustrative example of the consequences of privacy policies not accurately reflecting a business’ data practices.<h3 dir="ltr">Privacy Policies for iOS and Android Platforms</h3>In most circumstances, it’s required to have a privacy policy stated on your app, web app, and website. For example, if you want to <a href="https://designli.co/blog/how-to-successfully-submit-your-app-to-the-app-store/" dir="ltr">host your app in the Apple app store</a> or Android app stores, then you have to include a clear privacy policy defining how users’ data is used. If you don’t, you can have your app suspended, rejected, or removed from their platforms.&nbsp;<h3>It’s the law</h3>Similarly, there are laws protecting individuals’ <a href="https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/" rel="noreferrer noopener" dir="ltr">right to privacy</a> concerning their personal information, which extends to online activities.&nbsp;A few notable privacy laws domestic to the USA are <a href="https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/" rel="noreferrer noopener" dir="ltr">CalOOPA</a> and <a href="https://oag.ca.gov/privacy/ccpa" rel="noreferrer noopener" dir="ltr">CCPA</a>. Without getting bogged down in the legal-ese of these laws, the overarching takeaways concern:<UL><LI>How and why businesses collect data</LI><LI>Consumers right to know, consent, and opt-out of data collection</LI><LI>Penalties for businesses who fail to comply</LI></UL>These laws were designed to protect the rights of consumers who also are residents of California. However, even if you don’t live in California, your business isn’t based there, nor are you even targeting Californians, if there is the chance that a California resident might stumble across your app or website, then you need to make sure your privacy policy is in accordance with these laws.&nbsp;Though there isn’t one overarching federal law concerning online privacy, there is an alphabet soup of laws (like the <a href="https://www.ftc.gov/tips-advice/business-center/privacy-and-security/gramm-leach-bliley-act" rel="noreferrer noopener" dir="ltr">GLBA</a> and <a href="https://www.ftc.gov/enforcement/statutes/federal-trade-commission-act" rel="noreferrer noopener" dir="ltr">FTCA</a>) that cover niche regulations that must be followed.&nbsp;Finally, if you are working on a global website or app with users outside the U.S., then it’s important to note the European Union has a <a href="https://gdpr-info.eu/" rel="noreferrer noopener" dir="ltr">General Data Protection Regular (GDPR)</a>. This law is stricter than any of ours in the U.S. and is actively enforced, stressing the need to maintain stringent user data protection and privacy.&nbsp;<figure><img width="1299" height="463" alt="lululemon privacy policy example" src="https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-06-at-12.03.49-PM.png" srcset="https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-06-at-12.03.49-PM.png 1299w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-06-at-12.03.49-PM-300x107.png 300w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-06-at-12.03.49-PM-1024x365.png 1024w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-06-at-12.03.49-PM-150x53.png 150w, https://designli.co/blog/wp-content/uploads/2021/10/Screen-Shot-2021-10-06-at-12.03.49-PM-768x274.png 768w"></figure><h2>Privacy Policy Generators</h2>Are you feeling overwhelmed yet? Don’t worry, as a law degree certainly isn’t necessary to obtain an encompassing privacy policy.&nbsp;There are a handful of sites out there where you can generate a privacy policy for your app. Free options are fairly basic, but if you’re running a simple site, like a blog that only collects emails, then it should do the trick. For modest one-time fees, there are more customizable options suitable for more robust websites and apps.&nbsp; These policy generators are great for most app and web developers and remove the need for a legal background. The forms will ask you some easy to know questions about your business model, app, or website. After plugging in your answers, you’ll be emailed a complete privacy policy that you can copy over to your website. Of course, if you’re having another <a href="https://designli.co/blog/a-step-by-step-process-for-app-development/" dir="ltr">company build your app</a>, then that team will likely have a privacy policy template that will customize to your business and drop into your app.<h2>Privacy Policy Confidence&nbsp;</h2>When it comes to understanding privacy policies for apps and websites, think of it like a tax return. It’s important to know what it is and why we do it. But we don’t need to know how to do it ourselves. It’s best left to the professionals. Instead, put those extra hours towards furthering your app/website and creating an awesome product.&nbsp;Interested in learning about other essential elements that go into an app or web app? <a href="https://designli.co/schedule-a-consultation" dir="ltr">Get in touch! </a>&nbsp;You might also like:

An app's privacy policy states what data from a user is collected and how it is stored. There are specific topics included in the policy.

Stashed ideas

This article will dive into what an app privacy policy is, why you need one, what should be included, and the easiest way to get one for your website or app.

A privacy policy is a legal statement on an app or website clearly outlining what aspects of a user’s data are collected, how it is stored, and what is done with that information.

Imagine what the world would look like if we did not have clear guidelines around what people did with your personal information. It would be akin to walking into a grocery store to pick up dinner and while there, employees are writing down everything about you. They’d record your home address, interests, search history, purchase history, and credit card number. When you leave the store, you have no idea what they’ll do with all that data nor how long they’ll save it.

Online activity used to occur like this when sharing information was like the wild west. Thankfully, we’re in a more sophisticated age, though it does require more advanced policies around privacy and data sharing.

What needs to be included in an app’s privacy policy?

Only every detail surrounding what is done with users’ data. Easy, right? But remember, this is a legal document. It’s important all i’s are dotted and t’s crossed. Should a business fail to list that some aspect of data is being stored and users discover this, then the business is open to a fraud lawsuit. These points outlined in the privacy policy can cover everything from IP and email address to social security numbers and bank accounts.

It’s equally as important to clarify exactly why this data is being used. For example, perhaps storing location coordinates is relevant for showing you what restaurants in your area provide takeout Pad Thai. If an app records a device’s location, then the privacy policy needs to state why. What can’t be done is collecting this information and not stating in the policy how it is being used.

What is important to note here is the collection and use of data by any third parties connected to your business, app, and website must also be mentioned. Even if you’re not using the data, if a third party in connection to your website or app is, then it has to be listed in your privacy policy as well.

You can use what’s listed below as a general overview of what you need in a privacy policy:

<ol><li>Collection of personal data </li><li>Use of personal data </li><li>Disclosure/sharing of personal data </li><li>Advertising and Analytics Services Provided by Others </li><li>Data Transfers and Retention  </li><li>Third-Party Services  </li><li>Your preferences </li><li>Privacy rights for California consumers </li> </ol>

If you’ve come far enough where you’re needing a privacy policy for an app you’re developing, chances are you’ve had exposure in your life to other versions of one. For example, have you ever used Uber, browsed Reddit, paid someone with Venmo, or ordered a delicious $5 Hot-and-Ready from Little Caesars? If so, there is a privacy policy outlining how your information is being stored and used on those sites.

Now that data storing and <a href="https://designli.co/blog/guide-to-monitoring-and-interpreting-your-mobile-app-analytics/">information tracking </a>are common digital practices, it’s important businesses are upfront about how a user’s personal information is managed. Providing clarity around this topic both protects the business from accusations for data mishandling, as well as lets the user make informed decisions about which websites and apps they trust. Mark Zuckerberg’s testimony at a 2018 Senate hearing is an illustrative example of the consequences of privacy policies not accurately reflecting a business’ data practices.

Privacy Policies for  iOS and Android Platforms

In most circumstances, it’s required to have a privacy policy stated on your app, web app, and website. For example, if you want to <a href="https://designli.co/blog/how-to-successfully-submit-your-app-to-the-app-store/">host your app in the Apple app store </a>or Android app stores, then you have to include a clear privacy policy defining how users’ data is used. If you don’t, you can have your app suspended, rejected, or removed from their platforms.

Similarly, there are laws protecting individuals’ <a href="https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/">right to privacy </a>concerning their personal information, which extends to online activities.

A few notable privacy laws domestic to the USA are <a href="https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/">CalOOPA </a>and <a href="https://oag.ca.gov/privacy/ccpa">CCPA </a>. Without getting bogged down in the legal-ese of these laws, the overarching takeaways concern:

<ul><li>How and why businesses collect data </li><li>Consumers right to know, consent, and opt-out of data collection </li><li>Penalties for businesses who fail to comply </li> </ul>

These laws were designed to protect the rights of consumers who also are residents of California. However, even if you don’t live in California, your business isn’t based there, nor are you even targeting Californians, if there is the chance that a California resident might stumble across your app or website, then you need to make sure your privacy policy is in accordance with these laws.

Though there isn’t one overarching federal law concerning online privacy, there is an alphabet soup of laws (like the <a href="https://www.ftc.gov/tips-advice/business-center/privacy-and-security/gramm-leach-bliley-act">GLBA </a>and <a href="https://www.ftc.gov/enforcement/statutes/federal-trade-commission-act">FTCA </a>) that cover niche regulations that must be followed.

Finally, if you are working on a global website or app with users outside the U.S., then it’s important to note the European Union has a <a href="https://gdpr-info.eu/">General Data Protection Regular (GDPR) </a>. This law is stricter than any of ours in the U.S. and is actively enforced, stressing the need to maintain stringent user data protection and privacy.

Are you feeling overwhelmed yet? Don’t worry, as a law degree certainly isn’t necessary to obtain an encompassing privacy policy.

There are a handful of sites out there where you can generate a privacy policy for your app. Free options are fairly basic, but if you’re running a simple site, like a blog that only collects emails, then it should do the trick. For modest one-time fees, there are more customizable options suitable for more robust websites and apps.  These policy generators are great for most app and web developers and remove the need for a legal background. The forms will ask you some easy to know questions about your business model, app, or website. After plugging in your answers, you’ll be emailed a complete privacy policy that you can copy over to your website. Of course, if you’re having another <a href="https://designli.co/blog/a-step-by-step-process-for-app-development/">company build your app </a>, then that team will likely have a privacy policy template that will customize to your business and drop into your app.

When it comes to understanding privacy policies for apps and websites, think of it like a tax return. It’s important to know what it is and why we do it. But we don’t need to know how to do it ourselves. It’s best left to the professionals. Instead, put those extra hours towards furthering your app/website and creating an awesome product.

Interested in learning about other essential elements that go into an app or web app? <a href="https://designli.co/schedule-a-consultation">Get in touch! </a>

You might also like:

Bite-sized knowledge
to upgrade
your career

What is an App Privacy Policy and How to Create One - Designli Blog

Defining A Privacy Policy

The App's Privacy Policy

Things Included In The Privacy Policy

The Need Of A Privacy Policy

The Two Main Platforms

The Names Of The Laws

IDEAS ABOUT

MORE LIKE THIS

What exactly are dieting apps doing with all your data?

Developing an Access Control Policy - business.com

Lessons from onboarding mobile-app users

It's time to

READ

LIKE

A PRO!

Bite-sized knowledgeto upgradeyour career

What is an App Privacy Policy and How to Create One - Designli Blog

Defining A Privacy Policy

The App's Privacy Policy

Things Included In The Privacy Policy

The Need Of A Privacy Policy

The Two Main Platforms

The Names Of The Laws

IDEAS ABOUT

MORE LIKE THIS

What exactly are dieting apps doing with all your data?

Developing an Access Control Policy - business.com

Lessons from onboarding mobile-app users

It's time to

READ

LIKE

A PRO!

Bite-sized knowledge
to upgrade
your career