A privacy policy is important to include on your store to give your shoppers assurance that their information is stored securely. For some payment gateways or services, a link to your privacy policy or terms of service is required.
What is a Privacy Policy?
A privacy policy is a legal statement that explains to visitors what information you are collecting about them, when you collect it, and how you use it. It's meant to reassure visitors that their confidential information is safe and secure, and will only be used in relation to your business.
Many states, countries, and other jurisdictions require a privacy policy by law for websites that collect any information from visitors. Being an ecommerce platform, your BigCommerce store collects some personal information from your shoppers and customers, such as their email address, name, shipping address, and phone number.
Your BigCommerce store does not store your customers' credit card information. That information is stored separately by your payment gateway. See PCI Compliance for more information.
Another reason for having a privacy policy is to inform visitors that when they click a link to leave your site and go to a third-party website, the privacy policy in place on your site is no longer enforced. It is the visitor's responsibility to check the third-party website's policies.
Browser Cookies
A browser cookie is a small amount of information sent from a website and saved into a visitor’s web browser.
Commonly, websites use cookies to:
- Track the surfing habits of visitors
- Make it easier for returning customers to log in
- Remember what products were added to the shopping cart
When cookies are used in these ways, it must be made apparent in the site's privacy policy. BigCommerce does use cookies to remember what is in a shopper's shopping cart. This helps to generate information for the Abandoned Cart Saver.
Privacy Policy Generators
There are several websites that can help you to create a privacy policy that fits your store's needs.
Adding a Privacy Policy
You can use one of your store's web pages for your privacy policy. See Web Pages for more information.
Many website owners choose to block search engines from crawling their privacy policy page so that crawlers focus on their more relevant content, category, or product pages. See our article on using the Robots.txt file for more information.
Requiring Consent
Requiring Consent during Account Signup
GDPR requires that the privacy policy be linked to, and consented to, during account signup. While BigCommerce works to add this as a built-in feature, you can accomplish it in the meantime using the steps below.
Cornerstone Themes Only. The script provided here only works with Cornerstone-based themes. If it is not working, please contact a developer or ask in the Community Q & A.
1. Go to Settings › Account sign up form.
2. Create a checkbox field with the following settings:
- Field Name — Consent
- List of Values* — I agree to the Privacy Policy
- Required — Yes this field is required
* Note that this phrase is what triggers the JavaScript in the steps below. It is case-sensitive and must match exactly what is used in the script.
Save your changes when done.
3. Go to Storefront › Script Manager and add the following JavaScript.
This script is case-sensitive! Be sure to use the code exactly as written, or the link will not work correctly. This script assumes that your privacy policy uses the URL /privacy/. If you are using a different URL, change the value in a href='/privacy' to the correct URL for your storefront.
<script>
  // Only run on the account-creation page.
  if (document.location.search === "?action=create_account") {
    // Find the consent checkbox by its value; this must match the List of Values phrase exactly.
    const consentCheckbox = document.querySelector("input[value='I agree to the Privacy Policy']");
    const consentName = consentCheckbox.getAttribute("name");
    // Replace the label text with a version that links to the privacy policy page.
    document.querySelector("label[for='" + consentName + "']").innerHTML =
      "I agree to the <a href='/privacy'>Privacy Policy</a>";
  }
</script>
Click Save, then check the account signup field on your storefront to ensure that the code works and is linking correctly.
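As an added example (not BigCommerce's own script), here is a hardened variant of the step 3 script: it returns false instead of throwing a TypeError when the page or the field does not match, and it builds the link from DOM nodes rather than an innerHTML string. The function name linkConsentLabel and the privacyUrl parameter are assumptions; the checkbox phrase and query string are the ones from the steps above.

```javascript
// Added example, not BigCommerce's own script: a hardened variant of the
// consent-label script above. The checkbox phrase and the
// "?action=create_account" query string come from the steps above; the
// function name linkConsentLabel and the privacyUrl parameter are assumptions.
const CONSENT_PHRASE = "I agree to the Privacy Policy";

// Turn "Privacy Policy" in the consent checkbox label into a link.
// Returns true if a label was rewritten and false if the page or the field
// did not match, so a renamed field fails quietly instead of throwing a
// TypeError in the storefront.
function linkConsentLabel(doc, privacyUrl) {
  if (doc.location.search !== "?action=create_account") return false;
  const checkbox = doc.querySelector("input[value='" + CONSENT_PHRASE + "']");
  if (!checkbox) return false;
  const label = doc.querySelector("label[for='" + checkbox.name + "']");
  if (!label) return false;
  // Build the label from DOM nodes: the URL goes into an attribute and the
  // text into a text node, so nothing here is parsed as HTML.
  const link = doc.createElement("a");
  link.setAttribute("href", privacyUrl);
  link.textContent = "Privacy Policy";
  label.textContent = "I agree to the ";
  label.appendChild(link);
  return true;
}

// In the storefront this runs at page load; outside a browser (e.g. under
// Node) there is no document, so the call is skipped.
if (typeof document !== "undefined") {
  linkConsentLabel(document, "/privacy/");
}
```

Paste it into Script Manager in place of the step 3 script; the final call is where you change the privacy policy URL.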
Requiring Consent during Guest Checkout
Due to how email addresses are collected for the Abandoned Cart Saver and other marketing emails, guest customers must consent to your store's privacy policy before checking out as part of GDPR compliance.
To enable this setting, go to Settings › Checkout and select Require guest customers to accept a privacy policy (GDPR Recommended). Note that this will only appear if you have added the privacy policy URL to your store's security & privacy settings. Once you are done, save your changes.