Privacy policy and legal notice in WordPress

Put privacy policy and legal notice in WordPress

In this article we have to “face” one of the parts of WordPress that bothers us the most (at least to me) but which is also necessary to see, since it is about compliance with an important regulation.

The way I have to deal with it is to put myself in the place of whoever visits my pages , and demand that said protection of my privacy be met.

Today, and in a world as globalized as ours, everything related to privacy and the rights of Internet users has to be taken very seriously .

I know that the subject of the Privacy Policy on a website sounds very like a legal issue, lawyers, an office with a suit and tie … etc.

But in reality it is a fairly easy topic to digest if you know the basic aspects that a good Privacy Policy should have (not to be confused with cookies , that is another topic apart, for this take a look at the best free plugins of Cookies for WordPress ).

Throughout this article I am going to try to gut this topic a bit, and approach it in a more popular way and without so many brushstrokes that sound like Chinese .

At the end of the article you will find a video where I will explain how and where to place your own Privacy Policy page in WordPress.

We started!

What is the famous GDPR or RGPD?




GDPR is the acronym that is equivalent to General Data Protection Regulation (or what is the same in Spanish: RGPD – General Data Protection Regulation ).

This law was approved on April 14, 2016 by the European Commission, and protects the rights and personal data of all citizens of the European Union.

Since May 25, 2018, all websites that are located within the European Union (whose servers are hosted within the EU) must comply with said RGPD (if you want more information in this link you can find what is published by the Official State Gazette (from Spain)).

That is why if you have a website that has something of what we will see below, you must comply with this RGPD regulation and have a Privacy Policy page.


Do I have to have a privacy policy?


Instead of blurting out another rant explaining why, I’m going to focus more on the what.

To put it in the simplest way: if you save any kind of personal data from your visits , you have to have a Privacy Policy page.

But to make it easier, I am going to mention below a series of web elements that save data from your visits , and if you have any of them in your WordPress, you should have a Privacy Policy page.

But do not worry because in the next section I will tell you what you have to put, so as not to make a mess.


 If you have WordPress comments activated on your website …


When someone makes a comment on any article on your blog, they must give their name and email.

From that moment you are already collecting certain information from that user.


 If you have any type of form on your website


Whether it is a contact form, a participation form, a purchase made on your website (payment form), etc., you are collecting all the personal data that the user decides to give you in the fields that you indicate.


 If you have a newsletter subscription opt-in


If you have the typical banner, pop-up or similar, asking visitors to subscribe to your newsletter, and they do so, then you are already collecting at least their email.


 If your website uses Google Analytics or any other analysis tool


Whether Google Analytics (the most common) or any other type of tool to track your visits and their behavior, you will be collecting private information.

For example, you are compiling which pages they visit the most, from which city and country, the language they speak, the device they use to view your website …


 If you use plugins that connect with Facebook, Twitter, Instagram, etc.


If after viewing the information of your social networks on your website (the embedded timelines , the like button on your website, etc.) and the visitor has any type of interaction with these elements, you will already be collecting their personal data (their social profiles) .

We now turn to the most practical part.

We are already clear that in 99% of cases, your website will need to have a Privacy Policy page.

We are going to see in the next section what you should include (I can tell you that it is not too complicated, it is more common sense than anything else! ).


What should I put?


I know you think that it doesn’t matter what you put on this specific page on your website, because nobody reads it.

But there is the double side of the coin.

This page is so important, because whoever reads it is because they are really interested in knowing what it says … and why? Because usually who is so interested … It is because he is angry with you for any reason, and wants to seek legal tickling .

Obviously I can’t tell you exactly what to put, because it depends on your page and what you have on it in relation to the personal data of your visits or users, but I can tell you which elements you should mention yes or yes, so that you have backs covered.

Clarification : I am not a lawyer or a specialist in property law and data protection issues; therefore, I am not responsible for your particular Privacy Policy page. Everyone is responsible for their own content. This article is only a guide.

What, in my personal view, should have a good Privacy Policy page in WordPress is:

  • Say what data you are collecting.
  • Say where on the web this data is collected.
  • Say what purpose is to collect said data.
  • Say how said data is collected (forms, cookies, etc.).
  • If the data collected is transferred to third parties , you have to say so.
  • You have to have a link to the cookies page (take a look at this article on Cookies in WordPress )
  • You have to indicate how long you stay with that data (in the video tutorial I explain where you can see this in WordPress).
  • You have to indicate to the user who visits you, that at any time they can exercise their right to ask you to delete all the data you have about him or her.
  • You have to clearly indicate who you are, your contact information, tax information (if you are a company) and what is the best way to contact you.

I believe that I did not leave any. If so, then add it yourself! Each Privacy Policy page in WordPress is different and unique.

However, I recommend that you take a look at the following Privacy Policy pages, for inspiration :

  • Webempresa Privacy Policy
  • WordPress Privacy Policy


Add privacy policy page to WordPress


Although we are going to see it in more detail in the video in the next section, you have to know that WordPress offers you 3 ways to create and link the Privacy Policy page.

Since recent versions, in a default WordPress installation, there is already a page with a draft status on Privacy Policy.

This page contains a kind of template that you have to finish filling out and publishing on your own.



To add that page (or the one you use if it is not that) to your website, the best place to add it is in the footer .


 Add via menu




By creating a specific menu in Appearance → Menus, you can easily add your privacy page.


 Add using a widget


Add using a widget


Here you can choose to use a menu widget in the widget area you want (usually in the footer ) or use a text widget and there include what we are going to see in the next method.


 Add manually




Here you can simply add a small HTML code with the link to the Privacy Policy page wherever you want, as well as link through the traditional WordPress method said page to the word or words you want.

This is the HTML code that you will need if you decide to use that method:

<a href="/privacy-policy"> Privacy Policy </a>

In this code example, your page should be found at www.yourdomain.com/privacy-policy.

If you mess up this way, simply create a new post , and with the WYSIWYG editor create a link, and copy its HTML (we see it in the video).




As you can see, it is very important to take into account compliance with the RGPD, and have a good Privacy Policy page on your website.

I recommend that you review each of the elements that obtain personal data from visitors to your website, and that you mention them on that page.

Try to make the text easy for everyone on foot to read , with everything neat and clear, and don’t leave anything to mention.

In general, it is important that you keep everything that includes the cybersecurity of your website up to date, you can see this complete security guide for WordPress to ensure that you comply with the regulations, and you are covered from possible hacks.

I hope this article has helped you, and see you in the next one!

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest

About the Author

Submit a Comment

Must be required * marked fields.