Where To Get a Privacy Policy Template for Your Canadian Website

Post by Alison Knott | Last Updated: April 29, 2021

Where do you get a privacy policy template if you have a Canadian Website? I recommend the templates from Online Legal Essentials. Instead of using a free generator and hoping my website is protected, I use Online Legal Essential’s template on my own site as a web consultant. This template is so comprehensive that I am an affiliate supporter of it—which means if you click this link to buy the Website Legal Essentials package, I receive a % of the sale.

Disclaimer: Before we get too far into this, please note that I’m not an attorney. Always consult with a lawyer who understands your industry legislation requirements. 

While it’s easy to find free generators online, why waste your time tweaking a random template? How can you be sure the changes you’re making are legally binding? After taking the time to make sure the other pieces of your business are legally sound, taking a chance with your privacy policy leaves you vulnerable to vague interpretations of that free online template you found. For my website’s Privacy Policy Page and Terms & Conditions page, I used the Online Legal Essentials ‘Website Legal Essentials” package, which gave me access to everything I needed to protect my website.

Why Online Legal Essentials has the best privacy policy template

Online Legal Essentials is dedicated to privacy policies and other online business legal needs. It offers the best privacy policy templates for Canadians because:

  1. It can be completed in an afternoon. It gets right to the meat and potatoes. No fluff, just the how and why of what you need to protect your business. Each module includes explainer videos and easy-to-edit template files.
  2. The templates provided are in plain language. It’s easy for you as a business owner to edit and omit what isn’t relevant.
  3. There is currently a bonus about GDPR. It deals specifically with visitors from the EU. Info on how this can apply to your Canadian business site is outlined. Even if you don’t specifically target EU visitors. Your Google Analytics can help you determine if you are getting EU visitors.
  4. The templates are created by a Canadian lawyer, specifically for Canadian businesses. Corrine Boudreau is a Nova Scotian attorney I have personally sent clients to for legal advice. In her package, it’s easy to connect with her as the course creator for any additional questions you may have. Finally, a truly Canadian product!

 

It not only covers privacy policies but also other commonly needed website legal templates

Who doesn’t like a well-rounded resource? The Website Legal Essentials Package is called that for a reason: it’s got everything you need!

  • Privacy Policy Templates. To explain to visitors what data you collect and what you’re doing with any personal information.
  • Copyright Notice Template. To protect your website content and clarify how others can reproduce it.
  • Website Disclaimer Template. This can serve several needs. Disclosing affiliation, how your website content is informational but not professional advice, etc.
  • Website Terms of Use Template. Collects all the items above into one central location. In my website, I decided to group copyright and disclaimers together on this page. This is where you can add policies around refunds, price changes and other transaction guidelines.

 

Man holding a phone with a '1 new message' and email icon on the phone that he is about to click.
Email addresses serve as currency for website owners, but some users are going to want to know what else is being done with their email addresses.

 

Why you shouldn’t use free privacy policy generators for your website

Often a search for privacy policy generators give you American results. Be careful before you copy them and be on your merry way! Canadian law has specific requirements you need to pay attention to.

 

Related: Why Websavers is the Best Canadian WordPress Hosting

 

Are Canadians legally required to have a privacy policy on a website?

Yes, having a privacy policy on your website is federally required as a private Canadian business. This is overseen by the Personal Information Protection and Electronic Documents Act (PIPEDA). They state that “organizations covered by PIPEDA must generally obtain an individual’s consent when they collect, use or disclose that individual’s personal information. People have the right to access their personal information held by an organization. They also have the right to challenge its accuracy.1”

What is considered personal information by PIPEDA? The following is directly from PIPEDA website, but I encourage you to double check the latest version.

  • Age, name, ID numbers, income, ethnic origin, or blood type;
  • opinions, evaluations, comments, social status, or disciplinary actions; and
  • employee files, credit records, loan records, medical records, the existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).

As you will see, even the most simple of websites tend to at least ask for a name on a contact form. This means you need a Privacy Policy. More than likely, you ask for other details such as email addresses, phone numbers and other details.

 

I only collect email addresses on my site, do I have to worry about a privacy policy?

Well, you may be out of hot water with PIPEDA, but then you have the Canadian Anti-Spam Legislation (CASL) to contend with. This is a great primer article about the differences between PIPEDA and CASL.

 

Two women listening against a wall using teacups.
Many users now want to know what parts of their personal information might be shared with people they didn’t authorize to have access to them.

 

Do I need a privacy policy if I don’t collect data?

Yes! Even if you don’t collect data, then your Privacy Policy should state just that. No one can assume your intentions, and it’s your responsibility to make them as clear as possible. The reality is that you are collecting data to some capacity. You may have a designer or developer consult with you to add neat features to your website. However, it’s still your responsibility as the website owner to understand how these features collect data and affect your users.

Under PIPEDA, “An individual must be able to challenge your organization’s compliance with the fair information principles. They should address their challenge to the person in your organization who is accountable for compliance with PIPEDA.2” If you’re the only one in your business, guess what: you’re the person responsible for compliance. Not your web designer or developer. Unless they are your employee and appointed to be responsible, this all comes down to you, baby!

Users have the right to contact you and request their information be removed from their site. Do you know where to find that information? Some of the most common ways we collect data on-site include:

  • Contact forms. Some keep copies of submissions right on your site, others don’t.
  • Email opt-ins freebies, and downloads. Mailchimp, Active Campaign, Convert Kit – they are all third parties that may be passing along data.
  • Comments. People should know how to contact you in case they are unable to remove their comments from your site.
  • Tracking. If you use Google Analytics, Google Tag Manager, or Facebook Pixel, disclose this.

Related: How to Drive Free Traffic to Your Blog with SEO

 

Where to put a privacy policy on your website

The best place to put the privacy policy on your website is in your footer. This is the bottom of your website, usually where the copyright is.

  • Make sure it’s obvious that the link is clickable.
  • It does not need to be in your main navigation.
  • Depending on what other terms and conditions you have, it may also be located in your Cookie banner.
  • It doesn’t have to be fancy or designed. Keep it as easy to read as possible
  • Be sure to note that date whenever you make changes.

 

Having a privacy policy is just good business

Similar to how shoppers like to see a return policy on the bottom of their receipt, more and more website users are checking to see how their personal data is being handled. Being generously transparent about what you do with personal information is a positive addition to your branding. And at the end of the day, protecting your website and your users with a legal privacy policy is just good business.


References:

1. https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/pipeda_brief/
2. https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/p_principle/principles/p_compliance/