How to Add Privacy Policy to WordPress in 5 Easy Steps

Does your WordPress site need a privacy policy page?

Nowadays, privacy policies are a must for most websites due to privacy laws. However, most site owners don’t know how to make their own privacy policy page.

But don’t worry!

Making a legitimate privacy policy in WordPress is easier than you think.

This article will discuss how to add a privacy policy page in WordPress. Read on for the complete step-by-step process.


5 Steps to Add a Privacy Policy to Your WordPress Website

Whether you’re a freelancer or a business owner, you’ll need to add a privacy policy page.

If you don’t want to make a WordPress privacy policy page from scratch, there are two ways you can make one for your site:

Either method can give you a good privacy policy page that includes all the necessary clauses.

Enhance your privacy policy to show specific data privacy practices that are accurate for your company.

You can also check out privacy policies from other websites to get a general idea of how privacy policy agreements look.

Once you’ve chosen your preferred method, follow this step-by-step process to add a privacy policy to your WordPress website:

Step 1: Update WordPress

Fortunately for WordPress site owners, WordPress 4.9.6 comes with a basic privacy policy generator.

This update allows website owners to write their privacy policy page on WordPress.

If you haven’t updated your WordPress website, make sure you do so to take advantage of this new feature.

Step 2: Create a Privacy Policy Page

Once WordPress has been updated, start building a privacy policy page by going to Settings > Privacy.

You’ll see that WordPress has already drafted a generic privacy policy template on the existing page to help you get started.

Click on the edit link so you can begin making your privacy policy.

Alternatively, you also have the option to create a new page to display your privacy policy.

If you want to go with this option, select Create a New Page to automatically generate a privacy policy template.

This new page only has a rough outline of the clauses necessary for a privacy policy page. YOU have to provide the details you need on your privacy page.

You can edit different sections on the privacy policy template, including Who we are, What personal data we collect and why we collect it, How long we retain your data, and more.

There will be suggested headers that include the features your WordPress website might use to collect user information, such as:

  • Comment forms
  • Media
  • Contact forms
  • Analytics
  • Cookies

It’s CRUCIAL that the information you write accurately represents how you collect personal information and how you will use it.

Step 3: Collect the Required Data

The WordPress privacy policy generator has a data usage policy for WordPress features such as comment forms, media, embedded links, etc.

You’ll have to specify the methods of data collection and data protection you might use through WordPress plugins, themes, or third-party services on your site.

No matter what WordPress theme or plugin you use, you’re required to disclose your website’s data usage policies, namely:

  • Contact forms data usage
  • Analytics data usage
  • Ads data usage

Step 4: Enhance Your Privacy Policy by Adding Data Usage Details

International laws like the European Union’s General Data Protection Regulation (GDPR) have provisions that apply to WordPress websites outside the EU.

It’s best to use WordPress plugins that are already compliant with GDPR, such as the WP AutoTerms Plugin.

TIP: If you use plugins for your WordPress website, provide a link to the privacy policy page of that plugin.

If you accept website visitors from different regions, let them know how you comply with international privacy laws.

You can also use Google Analytics to track browsing data and collect personal information from website visitors.

Google Analytics

It’s well known that Google Analytics collects personal information such as IP addresses, user identification, and cookies to track user behavior.

To remain compliant with GDPR, you must make personal data anonymous before processing and storing it.

A noticeable banner or pop-up on the website must also ask for users’ CONSENT before tracking their data.

Google Adsense

If you want to host ads using third-party ad networks like Google Adsense, you need to notify users that you’re using cookies or web beacons to collect personal information.

Contact Forms

Names, phone numbers, and email addresses submitted through contact forms are personal information that needs to be protected.

Under national and international privacy laws, WordPress contact forms should:

  • Obtain the user’s consent to store information for commercial purposes
  • Disable tracking tools
  • Ensure a data processing agreement is in place with form providers when using Software as a Service (SaaS) based solutions

If you’re using a plugin like WPForms, making a GDPR-compliant contact form is as simple as adding a consent checkbox.

Step 5: Add a Link to Your WordPress Privacy Policy Page

Once you’ve completed your privacy policy page, it’s now time to publish. To do so, simply select Publish on the right-hand panel of the page.

REMEMBER: Publishing your policy page will override any previous privacy policy on your WordPress site.

You can also preview your privacy policy page by selecting Preview.

When you’re satisfied, you’ll need to add your WordPress privacy policy to your site menu so that it will be visible to site visitors.

Adding Via Widget Settings

Most WordPress websites display the link to their privacy policy page on the footer widget area.

Putting the link on the footer widget area means that the WordPress privacy policy is accessible on every page and doesn’t take up space in the navigation menu widget.

If your WordPress site allows widgets on the footer sidebar, go to Appearance > Widgets.

Click on the navigation menu widget to bring up the list of informational pages on your website.

You’ll need to create a new custom navigation menu to add your privacy policy page. You can do this by going to Appearance > Menus.

Select Create a New Menu at the top of the page and enter a name for your menu link.

On the left-hand column, you can add pages that you want to appear on this newly created menu. Naturally, pick your privacy policy page.

You can also add items like your about page, terms and conditions, and other legal pages. Once you’re satisfied, you can click Save Menu to confirm your changes.

Go to Appearance > Widgets and click the + icon to add a navigation menu widget that will add the custom menu you made earlier from the widget settings.

Once you’ve included the custom menu with your privacy policy page link, you can save your widgets.

Now your privacy policy is ready for action!

Manually Adding a Link

What if your WordPress theme doesn’t allow you to add a widget on your footer menu or a footer area?

You can also manually add a new menu link using HTML code. You’ll need to edit the footer.php of your WordPress website.

In the footer.php, add the following code in any location on the document’s HTML between the <body> and </body> tags:

<a href="">Privacy Policy</a>

Put the URL of your WordPress privacy policy page between the quotes of the href attribute. Preview your page to see how it appears on your site.

Congrats! You’ve successfully added your privacy policy to WordPress.

What Is a Privacy Policy?


A privacy policy is a legal document that defines how an entity collects user information and for what reason.

It’s basically a statement that legally requires the site owners to protect any personal data they collect from users.

A privacy policy should describe ALL aspects of personal data collection, including:

  • Information collected from users who visit the site
  • Data collection methods, e.g., site logs, third-party tools, web beacons, cookies
  • Third-party services and advertising programs
  • External links to the privacy policies of third-party advertiser websites
  • How to opt-out pages and block cookies
  • Company contact information that customers can use for further inquiries

Most websites collect data from site visitors for different purposes. As a result, many countries have regulations that require websites to disclose how they collect user data.

It’s good practice for ANY business to include a privacy policy on their site to avoid legal issues.

Why Should You Add a Privacy Policy on Your WordPress Website?

You will need a WordPress privacy policy if you intend to collect personal information from users.

In the U.S., no federal law requires a privacy policy except for the Children’s Online Privacy and Protection Act (COPPA).

However, state laws such as the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA) include provisions for data privacy.

The European Union’s General Data Protection Regulation (GDPR), which took effect in May 2018, also aims to regulate data collection from EU residents.

Any website that collects data from users residing in EU member states is subject to the GDPR.

Regardless of where an entity is based, state and international laws on data privacy still apply.

If your WordPress website accepts users from different regions, creating a privacy policy is HIGHLY recommended to protect your company from liabilities.

Additionally, having a privacy policy shows that you’re transparent with how you handle user data, which helps foster user trust.

What Should You Include in a WordPress Privacy Policy Page?

Creating a privacy policy can be challenging for first-timers.

Luckily, WordPress comes with a built-in privacy policy generator that lets you draft a template.

There are also WP plugins that simplify the process of making legal pages, so you can generate professional disclaimers, policies, and more for your website!

When writing a privacy policy agreement, you should know what kind of user information you want to collect and what you will use it for.

A WordPress privacy policy page should contain the following:

  • The type of information you collect from users
  • The data collection method, such as cookies, comment forms, registration, etc.
  • Any third-party services or advertisers that collect information from users
  • Links to affiliated third-party services and programs
  • Contact information that users can use to get in touch

A privacy policy in WordPress must be CLEAR and CONSPICUOUS to users. The options of accepting or rejecting data usage should be equally noticeable.

Frequently Asked Questions (FAQs)

Below are commonly asked questions about privacy laws that you need to know:

What Is the GDPR (General Data Protection Regulation)?

The European Union (EU) established GDPR to set requirements for collecting and processing personal data from individuals residing in the EU.

The scope of this privacy law covers any entity that targets data related to people within the EU, regardless of where the entity is based.

It means that even if you’re a US-based website, as long as you accept EU users, you must comply with GDPR regulations.

If found in violation of GDPR provisions, you can be fined up to tens of millions of euros.

What Is the CCPA (California Consumer Privacy Act)?

The California Consumer Privacy Act of 2018 (CCPA) gives users a certain amount of control and freedom over how businesses handle their personal data.

The CCPA requires businesses to provide notices regarding their privacy practices to users.

Under this law, California residents can enjoy privacy rights that allow them to protect their personal information, opt out of data sharing, and delete any data collected from them.


Writing a privacy policy for your WordPress website has never been easier!

You can use WordPress’s own generator to create a privacy policy tailored to your needs. Alternatively, you can also use WP plugins that streamline your privacy practices.

Nowadays, you would be hard-pressed to operate a website without encountering legislation on data privacy and protection.

If you want to avoid legal issues, you should comply with privacy laws like the GDPR and the CCPA.

A privacy policy is VITAL in keeping your users informed and protecting you from legal liabilities.