Browse by Topic

Creating a Privacy Policy

A privacy policy is important to include on your store to give your shopper's peace of mind that their information is stored securely. For some payment gateways or services, a link to your privacy policy or terms of service is required.


What is a Privacy Policy?

A privacy policy is a legal statement that explains to your website visitors what information you collect about them, when you collect it, and how you use it. It's meant to reassure visitors that their confidential information is safe and secure, and will only be used in relation to your business.

Many states, countries and other jurisdictions require a privacy policy by law for websites that collect any information from visitors. Being an ecommerce platform, your BigCommerce store collects some personal information from your shoppers and customers, such as their email address, name, shipping address and phone number.

Your BigCommerce store does not store your customers' credit card information. It is stored separately by your payment gateway.

Another reason for having a privacy policy is to inform visitors that when they click a link to leave your site and go to a third-party website, the privacy policy in place on your site is no longer enforced. It is the visitor's responsibility to check the third-party website's policies.

Browser Cookies

A browser cookie is a small amount of information sent from a website and saved into a visitor’s web browser.

Commonly, websites use cookies to:

  • track the surfing habits of visitors
  • make it easier for returning customers to login
  • remember what products were added to the shopping cart

When cookies are used in these ways, it must be made apparent in the site's privacy policy. BigCommerce does use cookies to remember what is in a shopper's shopping cart. This helps generate information for the Abandoned Cart Saver.


Adding a Privacy Policy

You can use one of your store's web pages for your privacy policy. See the section on Creating a Web Content Page under Web Pages for more information.

Many website owners choose to block search engines from crawling their privacy policy pages in preference to their more relevant content, category or product pages. See our article on using the Robots.txt File for more information.


Requiring Consent during Account Signup

GDPR requires that the privacy policy be linked and consented to during account signup. While BigCommerce works to add this as a built-in functionality, you can accomplish it in the meantime using these steps.


Cornerstone Themes Only. The script provided here only works with Cornerstone based themes. If it is not working, please contact a developer or ask in the Security & Privacy Community Group.

1. Go to Advanced SettingsAccount Signup Form.

2. Create a checkbox field with the following settings:

  • Field Name — Consent
  • List of Values* — I agree to the Privacy Policy
  • RequiredYes this field is required

User-added image

* note that this phrase is what triggers the JavaScript in the steps below. It is case-sensitive and should match exactly.

Save your changes when done.

3. Go to Storefront › Script Manager and scroll down to the footer box. You may find this under StorefrontFooter Scripts. Add the following javascript.


This script is case sensitive! Be sure to use the code exactly as written, or the link will not work correctly. (This script assumes that your privacy policy uses the URL /privacy/, but if not, the value within a href='/privacy' can be modified to the correct URL.)

if( === "?action=create_account") {
    consent_checkbox = document.querySelector("input[value='I agree to the Privacy Policy']").attributes['name'].value;
    document.querySelectorAll("label[for='"+consent_checkbox+"']")[0].innerHTML = "I agree to the <a href='/privacy'>Privacy Policy</a>";

Save your changes. Check the account signup field on your storefront to make sure that the code works and is linking correctly.

Was this article helpful?