A privacy policy is an important document that outlines how a website or app collects, uses, discloses, and manages user data. It helps build user trust by being transparent about data practices. All websites and apps that process personal data are required to have a privacy policy that is easily accessible to users. This is usually in the form of a dedicated “Privacy Policy” page that contains the full policy text. To make the page easy to find, the privacy policy must be linked to from the website or app’s footer and any other relevant locations, via a URL.
What is a URL?
URL stands for Uniform Resource Locator. It is the technical address that identifies where a resource, like a web page, is located on the internet. A URL is made up of several parts:
| Protocol | The first part of the URL indicates what protocol should be used to access the resource, e.g. “http” or “https” |
| Domain name | This is the name of the specific website, e.g. “example.com” |
| Path | The path shows what specific page or file on that domain is being linked to, e.g. “/privacy” |
Put together in a complete URL it would look something like:
https://www.example.com/privacy
This points the browser to connect securely (https) to the example.com website server, and request the /privacy page in particular.
So in summary, a URL is like the street address for a website resource on the internet.
Linking to the privacy policy
For users to be able to easily access the privacy policy from anywhere on a website or app, the URL of the privacy policy page needs to be added as a link. This can be done by adding anchor tag HTML in the code:
When clicked, this will take users directly to that page.
Some common places that the privacy policy URL should be linked from are:
- The website footer – usually titled “Privacy Policy”
- At the point of data collection, like account registration forms
- Settings pages relating to account or data
- FAQ pages
- About Us page
- Terms of Service page
Having multiple links pointing to the privacy policy from different locations ensures users can easily access the information from wherever they are on the site or app.
Best practices for linking to your privacy policy
Here are some tips on providing access to your privacy policy:
Use a dedicated page
The privacy policy should live on its own separate page with a descriptive URL like “example.com/privacy-policy”. Avoid burying it within Terms of Service or other documents.
Link from the footer
The footer navigation area appears on every page, so adding a “Privacy Policy” link there ensures it is accessible site-wide.
Make the link text descriptive
Say “Privacy Policy” or “Our Privacy Policy”, rather than just “Privacy” or “Policy”. This makes it more visible and clear to users.
Place contextual links
In addition to the footer, add links near where personal data is collected, like sign-up forms.
Use a consistent URL
Keep the same URL for the privacy policy across all pages and platforms. Don’t use different URLs on mobile vs desktop for example.
Highlight new privacy notices
When the privacy policy is updated, use highlighted or pop-up notices across the site or app to inform returning users.
Check functionality regularly
Ensure all privacy policy links work, point to the correct page, and open the right document. Double check whenever changes are made.
By properly implementing privacy policy links in this way, you can provide transparency about data practices and build user trust.
Examples of linking to a privacy policy
Here are some examples of how companies link to their privacy policy pages:
Facebook displays the “Data Policy” link prominently in the footer of every page. There is also a dedicated “Privacy” section under Settings where users can view the policy.
Slack
Slack links to their privacy policy from the account registration form so users can view it before signing up.
Amazon
Amazon places links in both the header and footer to their privacy notice page. They use the descriptive text “Privacy Notice”.
Writing a privacy policy
If you don’t yet have a privacy policy for your website or app, you’ll need to write one before being able to link to it. Here are some tips for writing a privacy policy:
– Outline what personal data you collect from users and why you need it. For example, email addresses for account registration.
– Explain how you use, process, and disclose the data. For example, displaying usernames publicly on the site.
– Include details on third party sharing. This includes analytics services, social media integrations, advertising networks and more.
– Describe the specific security measures you take to protect user data from unauthorized access or hacking. Such as encryption, access controls, and software updates.
– Explain user rights – the ability to access, edit, export and delete their personal data upon request in most cases.
– Disclose any automated decision making or profiling that affects users based on their personal data.
– Provide your contact information for privacy questions and requests. Include an email address and preferably a physical mailing address.
– Review and update your privacy policy whenever your data practices change. At a minimum review it annually.
– Use clear and simple language that can be understood by an average user. Avoid complex legal jargon.
– Format the document with section headings, lists and whitespace for better readability.
Following privacy laws like the GDPR or CCPA, being transparent about data practices, and writing clearly are keys to writing a good privacy policy that builds user trust.
Testing privacy policy links
Once you have created your privacy policy page and placed links to it from your website or app, it is important to test that everything functions correctly:
Check page response
– Click every privacy link and confirm it opens the correct policy page.
– Verify the page loads quickly without errors or timeouts.
Validate on all devices
– Test the privacy links on both desktop and mobile to ensure responsiveness.
– Check different browsers like Chrome, Firefox, Safari, and Edge.
Confirm visibility
– Scroll all pages to footer areas to make sure policy link is visible.
– Resize browser width to verify links remain visible on mobile.
Check after changes
– Retest links after any website or app changes like URL structure changes, redesigns, or CMS migrations.
Periodically re-check
– Revalidate all links at least every few months for rot or errors.
Perform accessibility checks
– Validate the link text is readable by screen readers for the visually impaired.
– Ensure the policy page meets accessibility standards.
By thoroughly testing your privacy links and policy page, you can provide a great user experience and ensure you remain in compliance with legal requirements.
Conclusion
Linking to your privacy policy provides important transparency into your website or app’s data collection and usage practices. By implementing the policy URL in the footer and contextual inline links, using descriptive text, keeping the link consistent across platforms, highlighting notice updates, and thoroughly testing functionality, you can make your privacy information easy to access for users. This helps build user trust and comply with regulations requiring visibility of privacy practices. Be sure to keep your policy document updated as your data handling evolves, and check those links regularly to avoid problems down the road.