Articles on: Legal Policies

What are the GDPR privacy policy requirements?

Article 12 of the GDPR requires that you communicate information about your processing of personal data in a way that is:

in clear and plain language
easily accessible
free of charge

In general, most privacy laws require you to inform your users about the following:

name (or business name), location, and contact information
what information you’re collecting from them (including names, email addresses, IP addresses, and any other information)
what methods you are using to collect their information, e.g. cookies
the purpose of collecting this information
how you’re keeping their information safe
whether or not it’s optional for them to share that information, how they can opt out, and the consequences of doing so
any third-party services you’re using to collect, process, or store that information (such as an e-mail newsletter service, or advertising network)

You must be mindful of getting all of the relevant and required information about your store into your GDPR privacy policy.

Don't have a Privacy Policy/Terms & Conditions page on your store yet? Follow these instructions to see how you can create your store policies.

Updated on: 31/01/2023

Was this article helpful?

Share your feedback


Thank you!