Privacy Policies: What to Include
A privacy policy is how you tell people, in writing, what you do with their data. It is a legal requirement under the UK GDPR's transparency principle and a cornerstone of customer trust.
The checklist below is general guidance; tailor it honestly to what your business actually does.
Core Information to Cover
- Who you are and how to contact you.
- What personal data you collect and why.
- Your lawful basis for each use.
- Who you share data with.
- How long you keep it and how it is secured.
- The rights people have and how to exercise them.
Write It for Humans
A good policy is easy to read, free of jargon and laid out with clear headings. Layered notices — a short summary linking to fuller detail — work well online.
Keep It Current
Review your policy whenever you adopt a new tool, change a supplier or start a new activity. An out-of-date policy is as risky as having none, because it misleads people.
Frequently Asked Questions
Can I copy another company's policy?
No. A copied policy almost never matches what you actually do, which makes it inaccurate and unlawful. Write your own.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.