October 6, 2022
From privacy notices to cookie policies, websites are obligated to host a series of documents to meet UK law requirements. Exactly what needs to be covered will depend on the nature of your business, but to offer a helping hand, we've created an overview of the kinds of documents you should consider including on your website. Let's get started.
Under UK data protection law, website owners are required to let users know when and how their personal data is being ‘processed’. ‘Processing’ means doing pretty much anything with someone’s personal data and following the introduction of the General Data Protection Regulation (GDPR) in 2016, ‘personal data’ includes ‘online identifiers’ such as IP addresses and cookies. This means that you may be processing personal data, even when you only have a simple site for informational purposes.
Your privacy policy needs to reflect exactly what you are doing with user personal data – the law is quite specific about what is required, so it is a good idea to seek legal advice when preparing your policy to ensure that you are compliant. As you may be aware, the UK’s data regulator, the Information Commissioner’s Office (ICO), has the right to come down hard on those that don’t comply with the law.
The law requires that where cookies are being used on a website, the user must be given notice of this and allowed to opt-in or out of the use of certain cookies. You will no doubt have seen this in the form of cookie banners or so-called ‘cookie walls’ on sites you visit.
Under the GDPR, specific information must also be given about the types of cookies being used. This information is often included in the privacy policy but is sometimes set out in a separate cookies policy. Again, the law dictates that specific information must be included, so we recommend you seek legal advice when preparing your cookies policy.
Website terms of use set out information about how users may access and use your site. The terms should include information about you (as site operator), your rights to modify the site (or withdraw it altogether), disclaimers regarding information published on the site and details of how information from the site may be shared and used.
The terms of use may also incorporate guidelines around unacceptable use such as hacking, viruses and uploading inappropriate or illegal information. These guidelines are sometimes set out in a separate policy, particularly if detailed information is required - for example, if users can add comments or upload their own information.
If you are providing services via your website, you will also need to provide terms and conditions (T&Cs) that govern the provision of your services. If you’re providing services to consumers (rather than other businesses), your dealings will be more strictly regulated, and your T&Cs will need to comply with certain legal requirements and include specific information. Your T&Cs will underpin all of your sales and will be the first thing you turn to when a problem arises covering important issues such as liability, so it is well worth investing in them to ensure you get them right.
As you can see, there's a lot to consider when managing your website. To simplify the process, we've put it all into one handy infographic for you. Sorted!
Need support with legal documents for your website? Discover how we can support you with privacy policies, cookie notices, and much more.