The Martech Report 22/23

Martech is more important than ever, and despite a more challenging economic situation in 2022, martech budgets are continuing to grow. The global market for Martech and Salestech is estimated to be worth $508.9bn.

As our latest State of Martech report finds organisations face a number of challenges around marketing technology. The biggest one is finding the skills and talent needed to drive martech initiatives.


Data Privacy Policy: What It Is and How To Create One

anticonlx global

Partner Content

A data privacy policy helps companies comply with privacy laws while setting expectations for website visitors about their data usage.

Out of the adults Statista surveyed worldwide, 66% of respondents agreed that they felt tech companies control their personal data. Surveyed consumers based in the United States, United Kingdom, and Spain expressed more concern about their personal data when compared to respondents based in Europe and Asia. In response to increasing privacy awareness, companies need to assure consumers of their privacy rights with an accessible and digestible data privacy policy. Let’s take a closer look at what a data privacy policy is and why businesses need to have one on their websites. 

What Is a Data Privacy Policy? 

A data privacy policy is a public declaration about what data may be collected from visitors and how these may be used by the company, its affiliates, and external technologies like analytics or advertising tools. The policy also lays out how the company maintains, discloses, and protects visitors’ data. Some companies choose to create their own delivery channels for their data policies, like Treasure Data’s Privacy Hub. 

Data privacy policies are mandated by privacy laws, including the General Data Protection Regulation (GDPR) for the EU, California Online Privacy Protection Act (CalOPPA), the Delaware Online Privacy and Protection Act (DOPPA), and the Children’s Online Privacy Protection Act (COPPA), among others. Non-compliance puts companies at risk of penalties and fines amounting to thousands of dollars per violation. 

Data privacy policies are important not only for compliance but also serve as legal documents on a website that sets expectations for site visitors. Therefore, privacy policies should be accessible to visitors regardless of where they are on a company’s website. 

How To Create a Data Privacy Policy 

Companies need to think about three main things when creating a data privacy policy: 

  1. What details to include 
  2. Where to put it on the website 
  3. How to make sure visitors read it 

Policy Details 

Data privacy policies need to include important details, like: 

  • Company information, including legal name, headquarters or mailing address, contact number, and email. 
  • The types of data collected from consumers include personal identifying information (PII), demographic data, technical information, and website activity. 
  • How visitor data is collected, e.g., through direct interaction, third-party sources, external technologies, or user contributions from website activities like account logins. 
  • What the company intends to do with visitor data, e.g., advertising initiatives,  personalised browsing experience, targeted marketing. 
  • Visitors’ privacy rights under applicable laws within a specific jurisdiction. 
  • People or parties with whom the company may share visitor data, e.g., company affiliates and subsidiaries, business suppliers, advertisers, and third-party buyers. 
  • Visitors’ options about what data may be collected and how these may be used. 
  • Implications of cross-border data transfer. 
  • Company policies on data security, retention, and deletion. 
  • Changes to the company’s data privacy policy. 

Requirements for every mandated data privacy policy will vary according to specific jurisdictions and applicable laws. However, companies may start with the above list and modify it as necessary to comply with current laws. 


Another important consideration is where to locate the data privacy policy on the company website. Typically, a dedicated page houses the entirety of the policy document with important details, such as business contact information and the user agreement. 

The data privacy policy must be linked to the website homepage and on every webpage. Many companies display a link at the footer of the website. Others use a pop-up to notify visitors of the company’s privacy policy before they can access the site. 

Companies must obtain visitors’ consent before collecting data. While some websites require visitors to confirm their agreement, others imply user acceptance through continued use of the site. Make sure to check applicable privacy laws and comply with regulatory requirements for user consent. 


The last consideration is how to make the policy appealing to readers. Here are a few tips to encourage users to read the policy: 

  • Use plain words and avoid unnecessary jargon. 
  • Place important details at the beginning of the document. 
  • Break up large blocks of text. 
  • Include a hyperlinked and/or bookmarked table of contents. 
  • Outline visitors’ choices regarding personal data, like opt-outs. 
  • Communicate updates to the data privacy policy. 
  • Be transparent about how your company uses visitor data. 

In summary, a data privacy policy informs website visitors and consumers how a company collects, uses, and shares data. Companies need to provide this policy to comply with privacy laws and set visitors’ expectations about how their privacy rights are being protected. A data privacy policy needs to include important details, like what data points are collected, how users’ personal data are used, and applicable privacy rights, as well as visitors’ options regarding their personal information. Data privacy policies must be accessible from every website page and designed to be reader-friendly to engage website visitors.