Every UK website that collects personal data needs a Privacy Policy. Here's exactly what yours must include under UK GDPR and the Data (Use and Access) Act…
If your website collects any personal data — even just an email address — you are legally required to have a Privacy Policy. Here is what it needs to cover and why.
UK GDPR (the UK's retained version of the EU General Data Protection Regulation) requires every data controller to provide transparent information about how they collect and process personal data. A Privacy Policy is how you do that. Without one, you are in breach of data protection law and can be fined by the ICO.
Loading interactive view…