MARKETING

What To Include in a GDPR Privacy Notice

With GDPR enforcement just around the corner, businesses across Europe (and the world) are assessing the ways they collect data, and the privacy notices that sit alongside them.

08 January 2018

We're sure you've already read about how GDPR will affect digital marketing, and heard about the importance of including privacy notices across your site. So now you know that you need them, we’re ready to delve deeper into what a privacy notice actually is…

What is a privacy notice?

A privacy notice helps people understand how their personal data is used and make informed decisions about whether to share their data on the back of this knowledge.

Simply put, you need to make sure you tell your website users (data subjects) how you are going to use their data before they give you it.

You can’t do this by simply providing a link to your privacy policy anymore.

Why you need to use privacy notices

GDPR is all about making the world of personal data processing fair and more transparent. Gone are the days of organisations being able to stand by the belief that they “earned” your data, so they can do what they like with it.

Personal data is owned by the individual, not the organisation it has been given to.

As the ICO says, “Being transparent by providing a privacy notice is an important part of fair processing. You can’t be fair if you are not being honest and open about who you are and what you are going to do with the personal data you collect.”

What you need to include in a privacy notice

Under the GDPR, the information you provide about how you process people’s personal data needs to be:

  • Concise, transparent, intelligible and easily accessible

  • Written in clear, plain language (especially if you’re addressing children)

  • Available free of charge

You need to include a privacy notice everywhere on your website that you collect data. It’s essentially a condensed version of your privacy policy that’s tailored to each specific data capture.

When writing a privacy notice, be sure to address the following:

  • What data are you collecting?

  • Who is collecting the data?

  • Will it be shared with any other organisation? Who? (Name them.)

  • Why are you collecting this data?

  • How will you use it?

  • Can they opt out of you using their data later down the line?

  • Include a link to your full privacy policy where users can read about the above in further detail.

What does a privacy notice look like?

Writing your privacy notice should be easy enough - but how should it be presented?
There are two ways to format a privacy notice that the ICO supports.

Layering

The first ICO advocated approach to presenting your privacy notices is through layers.

Layers allow you to provide as much information as you need to in your privacy notice clearly and effectively, without taking up too much space.

The first layer can be a headline such as our “Relax, your data’s safe with us.” Or the ICO’s example, “How will we use the information about you?” Followed by the second layer, collapsable information about data collection and processing. The third layer can then be a link to your privacy policy or a page where users can find more information.

Just in time notices

The second example from the ICO of how to display your privacy notice is through the use of a just in time notice.

As shown below, when a user interacts with a data field, the information about how you will use that specific piece of data appears.

They can then decide if they want to continue, or they can follow a link to read more about how you process user data.


Updating your privacy notices to be in line with GDPR requirements doesn’t need to be as intimidating or complicated as it may initially seem - the focus is all on transparency.

Further information about privacy notices from the ICO can be found here:

https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/

https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/where-should-you-deliver-privacy-information-to-individuals/ 

https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/your-privacy-notice-checklist/ 

Or you can take a look at our privacy policy here!

Share this insight

MORE INSIGHTS

The rise of social search: What 2025 holds for digital marketing
12 February, 2025
The rise of social search: What 2025 holds for digital marketing
The copycat trap — and how to avoid it
04 February, 2025
The Copycat Trap — and how to avoid it
24 January, 2025
What is keyword research and why is it important?
17 January, 2025
How do LinkedIn ads work? A complete guide to paid posts
13 December, 2024
How does PPC work? A Complete Guide to Pay-Per-Click Advertising
X app options on a mobile phone.
29 November, 2024
The next business leaving Platform X is…
Black Friday. How to make it work for you (or not).
22 November, 2024
Black Friday. How to make it work for you (or not)
Applied Digital Marketing Green Matters Pantones
16 August, 2024
Green matters - communicating sustainability
Talented and highly motivated individual needed to join our marketing team
13 June, 2024
Talented and highly motivated social media specialist required
Why is SEO content so important for Google rankings?
03 July, 2023
Why is SEO content so important for Google rankings?
GA4 Will Replace Google Analytics In 2023 | Applied Blog
18 March, 2022
GA4 will replace Google Analytics in 2023
Applied Digital How IOS15 Impacts Email Marketing 2
24 November, 2021
How does Apple's iOS15 update impact email marketing campaigns?
Google Lighthouse - What you need to know | Applied Digital
01 July, 2021
Google Lighthouse: Everything You Need To Know
Marketing Glossary N-Z | Applied Digital Marketing
10 February, 2021
Jargon-Busting Marketing Glossary Part 2: N-Z
Marketing Glossary A-M | Applied Digital Marketing
26 November, 2020
Jargon-Busting Marketing Glossary Part 1: A-M
SEO Myths Resolved | Applied Digital Marketing
29 September, 2020
Debunking The Most Common SEO Myths
How to measure PPC Data | Applied Digital
16 June, 2020
How To Measure PPC Ad Performance In Just 4 Steps
Google updates to nofollow link attributes - Applied Digital
20 September, 2019
Google’s New Link Attributes & Nofollow Updates: What SEOs Need To Know
Pay per click (PPC) advertising for B2B companies
12 August, 2019
How PPC Campaigns Can Deliver Great B2B Results
Digital marketing agency account management
16 July, 2019
How Often Should You Hear From Your Digital Marketing Agency?
B2B digital marketing strategy from Applied Digital
19 March, 2019
The B2B Marketing Process
How to resource your digital marketing - in-house or agency
21 January, 2019
How Should You Source Your Digital Marketing - In-House Staff or Digital Agency?
01 August, 2018
Why Should I Use a Google Partner Certified Agency?

More Expertise

Foundations
Brand Advantage
Marketing Advantage
Web Development

Cookies

This site uses cookies that need consent.