Skip to content
LegalDocs

Privacy Policy Generator

Generate a free GDPR-compliant privacy policy for your website. Covers data collection, cookies, user rights, and third-party services.

Important Legal Disclaimer

This document is a template for guidance purposes only and does not constitute legal advice. We strongly recommend having this document reviewed by a qualified solicitor before use. LegalDocs accepts no liability for any loss arising from use of this template.

Laws vary by jurisdiction and individual circumstances. This template may not be suitable for your specific situation without professional modification.

Business Details

Your registered business or trading name

The full URL of the website this policy applies to

Email address where users can send data protection requests

Data Collected

Third-Party Services

Data Handling

How long you keep user data. GDPR requires you only retain data as long as necessary.

Jurisdiction & Formatting

Document Preview

Privacy Policy

Last updated: 8 March 2026

[BUSINESS NAME] ("we", "us", or "our") operates the website [WEBSITE URL] (the "Site"). This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our Site.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

The data controller responsible for your personal data is [BUSINESS NAME]. If you have any questions about this Privacy Policy or our data practices, please contact us at [CONTACT EMAIL].

2. Information We Collect

We may collect and process the following personal data:

- Name

- Email address

- Usage data (pages visited, time spent, browser type, device information)

- Cookie data

3. How We Collect Your Data

We collect data in the following ways:

- Directly from you, when you fill in forms, register an account, or contact us.

- Automatically, through cookies and similar tracking technologies when you use our Site.

4. Legal Basis for Processing

We process your personal data on the following legal bases:

(a) Consent: Where you have given us explicit consent to process your data for specific purposes.

(b) Contractual necessity: Where processing is necessary for the performance of a contract with you.

(c) Legal obligation: Where processing is necessary for compliance with a legal obligation.

(d) Legitimate interests: Where processing is necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms.

5. How We Use Your Data

We use your personal data to:

- Provide and maintain our services;

- Respond to your enquiries and provide customer support;

- Send you service-related communications;

- Analyse how our Site is used to improve our services;

- Comply with legal obligations.

6. Third-Party Services

We may share your data with the following third-party services:

- Google Analytics (website usage analysis)

These third parties have their own privacy policies and we recommend reviewing them. We do not sell your personal data to any third party.

7. Data Retention

We will retain your personal data for a period of 12 months from the date of collection, or for as long as is necessary to fulfil the purposes for which it was collected. After this period, your data will be securely deleted or anonymised.

8. Cookies

We use the following types of cookies:

- Essential cookies: Required for the basic functionality of our Site.

- Analytics cookies: Used to understand how visitors interact with our Site (e.g. Google Analytics). These cookies collect information anonymously.

You can control cookie preferences through your browser settings. Disabling certain cookies may affect your experience of our Site.

9. Your Rights

Under the UK General Data Protection Regulation (UK GDPR), you have the following rights:

(a) Right of access: You may request a copy of the personal data we hold about you.

(b) Right to rectification: You may request that we correct any inaccurate or incomplete data.

(c) Right to erasure: You may request that we delete your personal data, subject to certain conditions.

(d) Right to restrict processing: You may request that we limit the processing of your data.

(e) Right to data portability: You may request that we transfer your data to another organisation in a structured, commonly used format.

(f) Right to object: You may object to the processing of your data for certain purposes, including direct marketing.

(g) Rights related to automated decision-making: You have the right not to be subject to decisions based solely on automated processing.

To exercise any of these rights, please contact us at [CONTACT EMAIL]. We will respond within one month of receiving your request.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

11. International Transfers

Where we transfer your personal data outside the UK, we ensure that appropriate safeguards are in place, such as standard contractual clauses approved by the Information Commissioner's Office (ICO).

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

13. Complaints

If you are not satisfied with our handling of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

14. Governing Law

This Privacy Policy and any disputes arising from it shall be governed by and construed in accordance with the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.

15. Contact Us

If you have any questions about this Privacy Policy, please contact us at: [CONTACT EMAIL]