Blog

Do I need a privacy policy?

If your site sets a single non-essential cookie or your app loads any analytics SDK, the answer is yes.

By FreePrivacyPolicy Editorial Team · Privacy compliance editors · Privacy Basics · 4 min read

Generate one in 2 minutes Free · no signup · hosted public URL

The 30-second answer

You need a privacy policy if any of these are true:

You collect an email, name, or any account info
Your site uses Google Analytics, Meta Pixel, or any analytics
Your site loads ads
You sell anything online
You publish a mobile app on the App Store or Google Play
Anyone in the EU, UK, California, or Brazil could visit your site

For 99% of digital products, the answer is yes.

Who specifically requires it

Requirement source	What triggers it
GDPR (EU/UK)	Any processing of EU/UK user data
CCPA (California)	$25M revenue or 100k+ CA consumers
LGPD (Brazil)	Any service offered to Brazilian users
Apple App Store	App Review Guideline 5.1.1 — required URL
Google Play	Data Safety section — required URL
Google AdSense / AdMob	Publisher policy — required disclosure
Meta Ads	Business Tools Terms — required disclosure

Ready to publish?

Answer six questions, get a hosted public URL the App Store, Google Play, and ad networks accept. No credit card.

Generate one in 2 minutes

Frequently asked questions

My site is just a landing page. Do I need one?

If the page has Google Fonts, Google Analytics, a contact form, or a newsletter signup — yes.

What about a personal blog with no analytics?

Strictly, even a static blog whose host logs IP addresses processes personal data under GDPR. In practice, the risk is minimal — but the cost of a generated policy is zero, so publish one anyway.

Do I need a privacy policy?

The 30-second answer

Who specifically requires it

Ready to publish?

Frequently asked questions

Related reading