Why establish a confidentiality policy?

A confidentiality policy provides your visitors with a statement on how you use their personal information, especially the information collected when they complete a tender, a contact form or when they purchase online.

A lot was said last year on the use of this data and new legislation, such as the General Data Protection Regulation (GDPR) was enforced in Europe. This legislation is very strict and specific and requires a complete analysis of the current practices to comply with (Relevant only for the companies doing business inside the European Union only, for now).


The basic elements of a confidentiality policy


Use of cookies and procedures to collect data

Cookies are small text files on a website that record information and preferences. For example, cookies can retain data from a form (so that the web user doesn’t have to retype every time s/he places an order) or for a number of sessions allowing fluid browsing from page to page on a website.

Web users can choose to activate or deactivate cookies, but you can require their use on your website in your confidentiality policy. We see an increasing number of pages advising visitors about the use of cookies and asking them to choose to activate them or not.


Link to other websites

It is important to know that links to external websites are excluded from your confidentiality policy. You must state your non-responsibility on how these websites gather personal information.


Banking data for online purchasing

It is essential to clearly state in you policy that banking and other sensitive information are not disclosed and that they are used only to process orders.


Third party with whom you share data (use and disclosure of gathered information)

If you share gathered information with a third party, whether it is with a programming firm, Facebook or Google (ex. pixel tracking or Google Analytics), it is recommended to mention it in your confidentiality policy.


Your contact information

Finally, you should clearly mention your contact information at the end of your confidentiality policy (or at the beginning) for people who might need to contact you.



Do not forget to validate the laws and legislations related to data protection on all the territories you are doing business with. You must comply to avoid fines or lawsuits. This clearly shows how important it is to write and post your confidentiality policy on your website!


Get advice from experts

We invite you to do business with experts in order to write your confidentiality policy. CIBLE’s specialized writing and web strategy teams can advise you. If necessary, a legal advisor (lawyer or notary) will have to review you policy to make sure everything is included and in compliance with the existing laws on your territory.