Why Your Website Needs A Cookie And Privacy Policy (And How To Add One)

[Editor's Note – we work with Iubenda, and asked them to write this to help our users]

Are you trying to build a website or blog? If so, you must be very excited: your website will take the shape of your dreams, projects and interests.

On the way to reaching your aims, there is something that has to be considered carefully in your plan: the law. In particular – privacy and cookie laws.

Every site needs to have a privacy and cookie policy. So let’s start at the beginning: why should you worry about them?




Why your website/app needs a privacy policy

When you run a website, most of the time you are offering a service where you don’t personally know your users (or readers or customers). Even if you are only at the beginning of your online journey, you can probably guess that it could be very useful to know a bit more about your site’s visitors.

You may think “Uhm, what kind of data should I collect? I’m not interested in people’s private information so this does not really concern me”.

Woah there! Collecting your users’ data does not mean that you are spying on them. The concept of user data is much wider than that!

If you collect your users’ email addresses to send a newsletter, if you allow them to upload images, or if you ask them for their name and surname or their phone number to contact them again later, well: the whole privacy law thing does concern you.

In fact, in Europe, according to the Data Protection Directive (95/46/EC) and the ePrivacy Directive (2002/58/EC, as revised by 2009/136/EC), any website/app user has to be informed whenever their personal data is processed or collected.

Laws like this are not limited to Europe either: many countries all over the world have similar legal requirements.

To this end, a website owner or an app developer has to provide their website/app with a privacy policy.



Which data can be designated as “Personal data”?

Here is the definition of personal data:

“Personal data means any information relating to an identified or identifiable individual; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number (e.g. social security number) or one or more factors specific to his physical, physiological, mental, economic, cultural or social identity (e.g. surname and first name, date of birth, biometrics data, fingerprints, DNA…)”.

Here is the information that should be contained in a privacy policy:

  • identity and contact details of the website owner or app developer;
  • particular categories of personal data that could be processed and collected and why;
  • whether data will be divulged to third parties, and who they are;
  • rights of the users in terms of withdrawal of consent and cancellation of data.


Why your website/app needs a cookie policy

The cookie law started as an EU Directive that was adopted by all EU countries in May 2011: it was created to give users the right to refuse the use of cookies that would violate their privacy.

What is a cookie? Cookies are little data files used to store information in people’s browsers. There are cookies for different purposes: in particular to identify users, remember their custom preferences and help them browse from one page to another without re-entering information, but there are also cookies used for analytics purposes, or to display adverts pertinent to the user’s interests and online searches.

According to their lifespan, cookies can be classified as “session cookies” (which are deleted when you close your browser) and “persistent cookies” (which last longer).

Cookies can also be classified by the domain to which they belong – first-party cookies and third-party cookies. First-party cookies are set by the web server of the visited page, whereas third-party cookies are set by a domain other than that of the visited page.

If your site uses cookies of any kind, you have to inform your users with a brief notice (a banner on the user’s first visit) and an extended notice, i.e. a cookie policy. You will also have to ask for their consent to the use of cookies, except for those used for “technical” purposes. If they don’t give it to you, you may have to block any script that installs cookies.
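
Both classifications above can be read from the `Set-Cookie` response headers a page load triggers, which is a practical way to inventory what a cookie policy has to cover. The following is an added example, not code from the original article; the hosts, cookie values and the `pageSite` parameter (assumed to be the page's registrable domain) are constructed for illustration.

```javascript
// Added example; hosts and cookie values below are constructed.

// Split one Set-Cookie header value into a name and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const cookie = { name: pair.slice(0, pair.indexOf("=")), attrs: {} };
  for (const a of attrs) {
    const i = a.indexOf("=");
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// Lifespan: no Expires/Max-Age means the cookie ends with the browser session.
function lifespanOf(attrs, now) {
  if ("max-age" in attrs) {
    // Max-Age takes precedence over Expires; zero or negative deletes the cookie.
    return Number(attrs["max-age"]) > 0 ? "persistent" : "deleted";
  }
  if (!("expires" in attrs)) return "session";
  // An Expires date in the past is how a server removes a cookie.
  return Date.parse(attrs.expires) > now ? "persistent" : "deleted";
}

// Party: compare the host that sent the header with the visited page's site.
function partyOf(responseHost, pageSite) {
  const same = responseHost === pageSite || responseHost.endsWith("." + pageSite);
  return same ? "first-party" : "third-party";
}

function classifyCookie(header, responseHost, pageSite, now = Date.now()) {
  const c = parseSetCookie(header);
  return { name: c.name, lifespan: lifespanOf(c.attrs, now), party: partyOf(responseHost, pageSite) };
}

// Constructed observations: which host sent which Set-Cookie header.
const observed = [
  { host: "www.example.com", header: "sessionid=abc123; Path=/; HttpOnly; Secure" },
  { host: "www.example.com", header: "lang=en; Max-Age=31536000; Path=/" },
  { host: "ads.tracker.example", header: "uid=42; Expires=Wed, 01 Jan 2031 00:00:00 GMT; SameSite=None; Secure" },
];

function auditCookies(list, pageSite, now = Date.now()) {
  return list.map((o) => classifyCookie(o.header, o.host, pageSite, now));
}

console.log(auditCookies(observed, "example.com"));
```

Whether a cookie counts as “technical” cannot be derived from its header; that judgement still has to be made per cookie.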


How can you add a privacy or a cookie policy to your website and make it compliant with the law?

You can comply with privacy and cookie laws in many ways, but not all of them are suitable to protect you from fines.

For example, on the one hand, you could copy and paste the text of the privacy policy and of the cookie policy from another website that you think is similar to yours. There are also a lot of free templates online that can help you with this.

However, the law requires you to inform your users of the exact reason why you are collecting and processing their data: every website is different, so how can you know that the text you are copying actually fits your needs? Also, with inconsistent policies, you risk expensive fines.

On the other hand, another solution would be to contact (and pay!) a legal counsel: this would be the most professional and lowest-risk option… but also very expensive! In addition to this, you would need to spend more money for every little modification you need over the years.

But there is also a third option: you can turn to Iubenda (this link provides a 10% discount)! [Editor's note – Full disclosure: it is an affiliate link. We use Iubenda and love them, which is why we asked them to write this.]


Iubenda Privacy Policy
Iubenda’s privacy policy looks the best and is in the simplest language; that’s why we love it – Ed.



Iubenda is the clearest, fastest and easiest way to fully comply with the law without wasting money.

Behind its advanced software you can find one of the best legal teams in the field. In an easy and intuitive way, you will be able to make your website or app compliant with privacy and cookie law, as well as write a privacy or cookie policy that is perfect for your situation.

In fact, you will only have to answer simple questions about your website/app activity. Iubenda then translates your answers into “legal language”. It also generates a version using simple terminology to help your users understand what you are telling (and asking) them.

Iubenda also offers all its clients the possibility of personalised assistance regarding privacy and cookie law issues, as well as the drafting of Terms and Conditions (which is another mandatory component of your website). In addition to this, Iubenda can offer you cookie analytics and customisable cookie banners.

Go visit Iubenda’s website through this link and get a 10% discount on Iubenda’s privacy/cookie services!


Instil Confidence

As we said at the start – when running a website or app, you are offering a service. If you can make your users feel like you are taking care of them, then they won’t be worried about giving you their business… and their data, too.

Therefore, the clearer, more understandable and easier to find your privacy and cookie policies are, the better you will comply with the law and the better your user experience will be.

About Chiara Musco

Content Specialist at Iubenda. Feet on the ground, head in the clouds; my mantra is this Chesterton quote: “There are no uninteresting things, only uninterested people.”