Websites that have users from certain states and regions must follow certain standards and laws when creating privacy policies, such as the General Data Protection Regulation of the European Union and the California Consumer Privacy Act. These requirements will be covered in greater detail in the following article.
Shopify’s privacy policies states under the section ” Customer information“, that you are responsible to ensure that customers understand how you collect and use their personal data.
This can be done by creating a privacy statement that lists the personal information you have, who you share it with and how it is used.
- It builds trust with customers. One shows transparency and a company that values ethics and compliance more than profits.
Recommended: Managed Solution
Our privacy generator is a great option if you don’t have a lot of time or don’t want the hassle of getting it right.
Use a template
You can use our privacy template if you have more time and are looking to create some language or clauses from scratch.
In Microsoft Word and Google Docs you can edit, delete, or add language to make the policy say what it wants. If you are happy with the template, there is no need to modify, add or remove anything.
Do it Yourself (Not recommended)
This is the way to go. Read our guidelines to learn how to create your Shopify privacy policies .
Shopify requires that you mention the following. These may not necessarily be required by law.
1. How to collect personal data
You can include all information that you collect from your users by going through the Shopify store registration process. Make a list of all information required.
- Email addresses
- Billing addresses
- Shipping addresses
- Phone numbers
- Credit card details
Other personal information that Shopify stores may collect from customers includes:
- Type of browser
- IP address
- Device ID
- Cookie data
- Which website brought a user to your shop
While some of the data might not seem particularly personal to you, it is still considered “personal data” under the GDPR. You should investigate how Shopify collects and processes this type of personal information.
2. How to use your personal information
It is also important to explain how your website uses personal data. You must also discuss in detail why your website collects personal information from users.
You might be collecting personal information to run an ecommerce store, for example:
- Email addresses to update customers on their orders, and send marketing emails
- Shipping addresses for customers’ orders
- For payment processing, billing addresses, names and details of the payment card are required.
- Cookies for targeted advertisement and security purposes
3. Privacy rights of your customers
Nearly all privacy laws require that you outline the privacy rights of your customers.
Be sure to mention these:
- What can users do to modify, delete, or change their personal data?
- What can users do to opt-out of cookies and other tracking techniques
- Contact anyone with questions regarding their privacy rights
Also, ensure that your Shopify privacy policies comply with the data privacy laws.
It is important to include language that addresses all requirements, regardless of where your users and you are located. Anyone can access your website from any country.
General Data Protection Regulation (GDPR).
You must adhere to the GDPR if you handle personal data from EU residents. Even if your business is located in the US, and you have many customers from the US, you must create a GDPR-compliant privacy statement.
These are the things you should add to your Shopify privacy policies to ensure it is GDPR-compliant
- Contact details for Shopify: List the name and contact information of your representative.
- It doesn’t matter if you use an automated decision-making tool or how you use it. This rule probably won’t apply to most Shopify shops. Talk about the setup and possible consequences of such a system if you have a Shopify store.
California Online Privacy Protection Act (CalOPPA)
CalOPPA refers to a smaller version of GDPR. There are however two requirements that are specific to it.
Children’s Online Privacy Protection Act
COPPA is a US law. It applies to all companies and websites that collect information from children under 13 years of age in the US.
Your store’s privacy policies must comply with COPPA regulations. It should include a section explaining how you collect and use children’s personal information. It is also important to explain the rights of their parents over their data.
California Consumer Privacy Act (CCPA)
California or the United States do not require a physical presence, nor is an office, to be included in the CCPA. However, California residents can still access data collected by your company if you meet the following requirements:
- You have annual net revenues of at least 25 million.
- You can earn 50% or more from selling Californian customers’ personal information.
- Each year, you buy, receive, sell, or trade personal information from more than 50,000 California residents, households or devices.
It is very similar to drafting a GDPR compliant privacy notice for Shopify. You don’t need to appoint an EU representative. Simply modify the language to meet the CCPA requirements. You should still cover the same points.
California residents have the right to ask that your personal data be deleted and that you give them a copy.
Shopify offers built-in features that allow you to do so. A dedicated page explains how to use the services in CCPA compliant.
Step 1 : Login to Shopify and click ” Online Shop ” in the navigation bar.
Step 2 Next, click on ” pages.” Finally, click the green ” add page” button at the top right.
Step 4 : Once you’re done click ” Save“. Your Shopify dashboard will now include your store’s privacy policies. You’ll be able link to them throughout your shop.
The majority of ecommerce privacy policies can be linked from within a website’s footer.
Step 1 Click on ” Navigation“, in the navigation bar to the left.
Step 3 Next, click ” Create menu item.”
Shopify Store Privacy Policies: Good examples
These are great examples of Shopify privacy policies that you can refer to.
Partake Foods is a snack company that has an easy-to access link in its footer to its privacy policies.
Here is an example of a section that clearly explains why the website collects their personal information.
Hiut Denim Co.
Make sure that you have a valid privacy statement before you publish your Shopify store. Shopify requires privacy policies.