(UK GDPR)
Create your privacy policy with data collection notices, lawful basis statements, individual rights, and cookie disclosures.
Professionally drafted — structured following UK GDPR and Data Protection Act 2018 requirements for England and Wales.
Whether you prefer step-by-step guidance or a traditional form, both methods produce the identical professionally-formatted privacy policy. Choose the style that suits you.
One screen at a time — less overwhelming, nothing missed.
Everything on one page — faster if you know what you need.
🔒 Your data never leaves your device — saved locally in your browser only
♻️ Unlimited use — generate privacy policies for every website and project
Download a professionally drafted privacy policy template for UK websites and businesses. Also known as a data protection notice, privacy notice, or GDPR privacy statement. Covers data collection purposes, lawful basis for processing, individual rights, data retention periods, third-party sharing, international transfers, cookie disclosures, and data breach procedures. Structured following UK GDPR and the Data Protection Act 2018 requirements for England and Wales.
Required by UK GDPR for any organisation collecting personal data — websites, apps, and businesses of all sizes.
What UK law requires you to tell people about their data
Clearly explain what personal data you collect — names, emails, payment details, device information, and any other data.
State your lawful basis for processing — consent, contract, legal obligation, legitimate interests, or vital interests.
Explain how people can access, correct, delete, or port their data, and how to complain to the ICO.
UK GDPR and the Data Protection Act 2018 require every business collecting personal data to publish a privacy policy covering lawful basis for processing, data subjects' rights, retention periods, and third-party disclosures — failure to comply risks ICO fines of up to £17.5 million.
UK GDPR (Article 13 & 14) specifies what information you must provide to individuals when collecting their data.
Our template covers all required sections with clear, plain-English explanations.
The ICO can issue fines of up to £17.5 million or 4% of annual global turnover for serious UK GDPR breaches — common enforcement triggers include missing privacy policies, unlawful data sharing, and failure to respond to subject access requests within one month.
A proper privacy policy is your first line of defence against regulatory action.
This privacy policy template covers data collection purposes, lawful basis statements, individual rights sections, data retention schedules, third-party sharing disclosures, international transfer safeguards, cookie information, complaint procedures, and Data Protection Officer contact details.
Related documents: Websites typically also need Cookie Policy, Terms & Conditions, and Data Processing Agreement.
Common privacy policy mistakes include copying American privacy notices that do not meet UK GDPR requirements, failing to specify a lawful basis for each processing purpose, omitting data retention periods, and not explaining how individuals can exercise their rights.
Our template guides you through each section with clear prompts to avoid these issues.
Yes. Under UK GDPR and the Data Protection Act 2018, any organisation that collects personal data must provide clear information about how that data is used.
This applies to websites, apps, and any business collecting customer information — even small businesses and sole traders.
UK GDPR requires specific information: your identity and contact details, what data you collect, why you collect it (lawful basis), how long you keep it, who you share it with, individual rights (access, deletion, portability), how to withdraw consent, and how to complain to the ICO.
Our template covers all required sections.
Yes. Even small websites typically collect personal data through contact forms, email sign-ups, analytics (like Google Analytics), or cookies.
If you collect any personal data — even just names and email addresses — you need a privacy policy regardless of business size.
The ICO can issue fines up to £17.5 million or 4% of annual global turnover for serious GDPR breaches. For smaller violations, fines up to £8.7 million or 2% of turnover apply.
Beyond fines, you risk reputational damage and loss of customer trust.
You can combine them or keep them separate. Many businesses include cookie information within their privacy policy.
However, a separate cookie policy can be clearer for users and easier to update when you change cookies. Our privacy policy template includes cookie sections, but we also offer a dedicated cookie policy template.
You receive free lifetime updates — no subscription required, no monthly fees, ever.
We monitor ICO guidance and UK data protection law changes. When we release an updated version, it appears free in your My Templates page. No extra charges. No recurring fees.
£20 one-time. That's it. No subscriptions, no recurring fees, no "free trial" traps.
Here's what we don't do: Other sites advertise "free templates" — you spend 15 minutes filling one in, then they demand your card for a "free trial" that charges £35–£42/month when you forget to cancel. Worse, many are US-based and don't cover UK GDPR requirements. (Read about the scam)
We're different: £20 upfront for the document you actually need. Build it, preview it, pay only when you're happy. Own it forever with free lifetime updates. Based on UK GDPR. No subscription fatigue.
Stay Informed. Stay Compliant. Get key updates on UK law and compliance changes, straight to your inbox.