Your customers will be able to see your privacy policy and how it uses their data. A well-written Privacy Policy for Shopify not only is it right but also legally required. Before you publish your Shopify store, it is important to have one.
This post will show you how to create and post a Shopify privacy policy. It also shows how to properly link to it.
Do Shopify Stores Need a Privacy Policy?
You must have a privacy policy in place for Shopify stores. It is required by law.
Websites that have users from certain states and regions must follow certain standards and laws when creating privacy policies, such as the General Data Protection Regulation of the European Union and the California Consumer Privacy Act. These requirements will be covered in greater detail in the following article.
Shopify’s privacy policy also requires you to have a privacy policy in your store.
Shopify’s privacy policies states under the section ” Customer information“, that you are responsible to ensure that customers understand how you collect and use their personal data.
This can be done by creating a privacy statement that lists the personal information you have, who you share it with and how it is used.
Shopify should have its own privacy policy.
- It builds trust with customers. One shows transparency and a company that values ethics and compliance more than profits.
- This limits your legal liability. You can get in trouble if there isn’t a valid privacy policy. There are many regulations that require it.
- It’s right to do it: Finally, a privacy policy is a good thing for Shopify. It is important that users know how you will use their data, and what they have the ability to do with it.
How to create a Shopify Privacy policy
There are three main methods to create a Shopify privacy policy.
Recommended: Managed Solution
Our privacy generator is a great option if you don’t have a lot of time or don’t want the hassle of getting it right.
You will receive a Privacy Policy that we automatically generate for your Shopify store. You don’t have to create clauses from scratch. All you need to do is answer some questions about how your business uses and handles customers’ data.
Use a template
You can use our privacy template if you have more time and are looking to create some language or clauses from scratch.
This template includes all the sections needed to create a Shopify privacy policy. You don’t have to use the templates.
In Microsoft Word and Google Docs you can edit, delete, or add language to make the policy say what it wants. If you are happy with the template, there is no need to modify, add or remove anything.
Do it Yourself (Not recommended)
If you are looking to have complete control over privacy policy creation, the do-it yourself approach is a good option. Although you can create a privacy plan that says exactly what you want, if you aren’t sure what it should say, you should avoid this option.
This is the way to go. Read our guidelines to learn how to create your Shopify privacy policies .
What to include in your Shopify Store Privacy Policy
Your Shopify privacy policy must cover many things. Let’s first look at what Shopify requires from you in your privacy policy.
What Shopify requires you to include in your Privacy Policy
Shopify requires that you mention the following. These may not necessarily be required by law.
1. How to collect personal data
This section should be included in your privacy policy. This section should include information about the personal data you collect and how it is collected.
You can include all information that you collect from your users by going through the Shopify store registration process. Make a list of all information required.
- Names
- Email addresses
- Billing addresses
- Shipping addresses
- Phone numbers
- Credit card details
Other personal information that Shopify stores may collect from customers includes:
- Type of browser
- IP address
- Device ID
- Cookie data
- Which website brought a user to your shop
While some of the data might not seem particularly personal to you, it is still considered “personal data” under the GDPR. You should investigate how Shopify collects and processes this type of personal information.
2. How to use your personal information
It is also important to explain how your website uses personal data. You must also discuss in detail why your website collects personal information from users.
You might be collecting personal information to run an ecommerce store, for example:
- Email addresses to update customers on their orders, and send marketing emails
- Shipping addresses for customers’ orders
- For payment processing, billing addresses, names and details of the payment card are required.
- Cookies for targeted advertisement and security purposes
3. Privacy rights of your customers
Nearly all privacy laws require that you outline the privacy rights of your customers.
Be sure to mention these:
- What can users do to modify, delete, or change their personal data?
- What can users do to opt-out of cookies and other tracking techniques
- Contact anyone with questions regarding their privacy rights
What the law requires you to have in your Shopify Privacy Policy
Also, ensure that your Shopify privacy policies comply with the data privacy laws.
It is important to include language that addresses all requirements, regardless of where your users and you are located. Anyone can access your website from any country.
General Data Protection Regulation (GDPR).
The GDPR is a high standard for privacy regulation. Referring to the GDPR for your privacy policy will allow you to cover all bases.
You must adhere to the GDPR if you handle personal data from EU residents. Even if your business is located in the US, and you have many customers from the US, you must create a GDPR-compliant privacy statement.
These are the things you should add to your Shopify privacy policies to ensure it is GDPR-compliant
- Contact details for Shopify: List the name and contact information of your representative.
- Contact details for your data protection officer: The GDPR requires that you appoint an DPO in certain situations. Your privacy policy should include the contact information of your DPO if your Shopify store falls within one of these categories.
- Contact details for the EU representative: If you are a data controller outside of the EU, it may be necessary to appoint an EU representative on your Shopify site. Your privacy policy should include the name and contact information of your EU representative so that EU users can reach them as necessary.
- It doesn’t matter if you use an automated decision-making tool or how you use it. This rule probably won’t apply to most Shopify shops. Talk about the setup and possible consequences of such a system if you have a Shopify store.
California Online Privacy Protection Act (CalOPPA)
CalOPPA refers to a smaller version of GDPR. There are however two requirements that are specific to it.
First, CalOPPA mandates that you inform your customers when you update your store’s privacy policy. To let people know which version of your policy is being read, you must place the last effective date of your privacy policies at the top of your privacy page. Your customers should also be informed about how they can get updates on your privacy notice.
Second,It stands out from the text surrounding it (i.e., uses a different size, color or font).
Children’s Online Privacy Protection Act
If Shopify stores collect personal information from children younger than 13, ensure that your privacy policy is in compliance with the Children’s Online Privacy Protection Act.
COPPA is a US law. It applies to all companies and websites that collect information from children under 13 years of age in the US.
Your store’s privacy policies must comply with COPPA regulations. It should include a section explaining how you collect and use children’s personal information. It is also important to explain the rights of their parents over their data.
California Consumer Privacy Act (CCPA)
California or the United States do not require a physical presence, nor is an office, to be included in the CCPA. However, California residents can still access data collected by your company if you meet the following requirements:
- You have annual net revenues of at least 25 million.
- You can earn 50% or more from selling Californian customers’ personal information.
- Each year, you buy, receive, sell, or trade personal information from more than 50,000 California residents, households or devices.
It is very similar to drafting a GDPR compliant privacy notice for Shopify. You don’t need to appoint an EU representative. Simply modify the language to meet the CCPA requirements. You should still cover the same points.
California residents have the right to ask that your personal data be deleted and that you give them a copy.
Shopify offers built-in features that allow you to do so. A dedicated page explains how to use the services in CCPA compliant.
How to add a privacy policy page to your Shopify store
Once you have created a privacy policy it is time to add it in your Shopify store.
This is how to add a Privacy Policy Page to Shopify. Step-by-step.
Step 1 : Login to Shopify and click ” Online Shop ” in the navigation bar.
Step 2 Next, click on ” pages.” Finally, click the green ” add page” button at the top right.
Step 3 Enter “Privacy Policy” into the title field. Next, copy and paste your privacy policy in the content field.
Step 4 : Once you’re done click ” Save“. Your Shopify dashboard will now include your store’s privacy policies. You’ll be able link to them throughout your shop.
How to link to your Shopify Store Privacy Policy
The majority of ecommerce privacy policies can be linked from within a website’s footer.
How to add a link in your Shopify privacy policy:
Step 1 Click on ” Navigation“, in the navigation bar to the left.
Step 2 To add your privacy policy in your footer, click ” Footer Menu” under the ” Men ” menu.
Step 3 Next, click ” Create menu item.”
Step 4 : From the right, a sidebar will appear. Enter “Privacy Policy”, and you will be able to search for the privacy policy page that was recently published. You’re done.
Shopify Store Privacy Policies: Good examples
These are great examples of Shopify privacy policies that you can refer to.
Enjoy Foods
Partake Foods is a snack company that has an easy-to access link in its footer to its privacy policies.
Although the actual privacy policy contains a lot of information it is easy to understand because everything has been sorted into sections.
Here is an example of a section that clearly explains why the website collects their personal information.
Hiut Denim Co.
Hiut Denim Co., a U.K.-based clothing retail company. It features a minimalistic footer that links to its privacy policy.
The privacy policy, is also very simple . It’s as comprehensive as Partake Foods privacy policy. Hiut Denim uses lists instead of writing everything in complete sentences.
Because lists are shorter and easier to read, this is a smart decision by the company. These lists are also less intimidating which makes it easier for users to absorb and read the privacy policy.
Summary
Make sure that you have a valid privacy statement before you publish your Shopify store. Shopify requires privacy policies.
A privacy policy for your Shopify store should also be included. Customers deserve to know the details of what information you collect about them, and their rights to correct or delete that information.
