Julianne Harris Church Marketing University

Julianne Harris is the CCCO at Church Marketing University- which is a fancy-sounding way of saying that every day, she gets to serve the local church: whether that's researching a topic that intimidates many church leaders, helping people navigate the many re... read more

The Ultimate Guide to Creating a Church Website Privacy Policy

We get it.  Creating a website privacy policy is no fun.  Unfortunately, if you’re collecting any kind of information from people online, you need a church website privacy policy. 

When it comes to your church’s physical meeting space, you know people need to feel safe before they’ll be willing to come back- and the same rule applies to your digital location. So, in addition to creating a great aesthetic that conveys welcome, you need to help people understand how you’re protecting their personal information.

To keep things simple, you can download our recommended starter template here. We’ve done our best to do the heavy lifting for you, but please keep in mind that we are not lawyers.  You need to run your website privacy policy by your legal counsel to make sure it fits your church, location, and situation. 

Download Our Free Website Privacy Policy Template 

*We are not lawyers. Consult with your church’s legal counsel before publishing your privacy policy.


In this guide, we will give you an overview of why website privacy policies are important and what they include.  In addition to the template above, we’ve included tons of examples and links to legal resources where you can get additional help.

If your entire website (not just the privacy policy) needs attention, you’re going to love the Church Marketing University Website Solution. With the CMU website solution, you’ll successfully balance:

  • clear communication
  • technical excellence, and
  • a new-user focus. 

Plus, our team will work with you to help you get unstuck as you’re setting it up.  If you’d like to learn more, schedule a free consultation today!

Why Might my Church Need a Website Privacy Policy?

Why is a church website privacy policy important? Here are a few reasons:

  • Website privacy policies are required for websites that gather information about people.
  • They’re required for more than just online giving.  In fact, in order to use Google AdSense, Google Analytics, or to install the Facebook Pixel, you have to be able to link to your website’s privacy policy.
  • Even if you don’t need one for legal reasons, having a privacy policy communicates that you care. Would you give your information to someone who refuses to tell you what they are doing with it?  For that matter, would you consider attending a church that treats your personal information casually?  Obviously, no!  A website privacy policy communicates that you are doing all you can to protect people’s personally identifying information.

What’s a Privacy Policy?

Now that we’ve talked about why it’s important, let’s take a step back and discuss what a privacy policy actually is. 

Basically, a privacy policy is a page on your website that explains how people’s data and information will be used.

Your church’s website privacy policy will be unique.  After all, it’s based on the information you collect and how you plan to use it.  To that end, any information you gather on your website should be mentioned in your privacy policy.  Data-protection laws vary in different countries, but generally speaking, you should follow the EU cookie law and GDPR to ensure you are protecting everyone’s privacy.

For example, here are some (but not all!) of the things that require a privacy policy:

  • A way to “Plan Your Visit” or “Pre-Register Your Kids.”
  • An Opt-in for a newsletter.
  • The use of cookies (Basically all sites use cookies).
  • Any “contact us” field.
  • A page for online donations.
  • Small group sign-ups.
  • Selling online church merch or fundraising through other means.

If you’re not sure what “cookies” and “GDPR” are, we’ve included a definitions section later in this guide. 

Don’t Website Privacy Policies Scare People Off?

No.  In fact, telling people exactly how you’re using their information should reassure them.

In the end, every piece of information you collect is designed to help people achieve their goals.  For example, cookies allow your website to load more quickly on people’s browsers.  In the case of forms, entering personal information helps people to accomplish their goals, like planning their visit.  Just make sure you explain why you’re collecting that information and how your church uses and stores it.  

Bottom line?  Asking for people’s personal information is not inherently bad, and having an easy-to-understand website privacy policy shows that your church can be trusted.

What Does a Church Privacy Policy Look Like?

A church privacy policy should include at least five sections:

1 ) The Introduction

This is your opportunity to explain the purpose of your website. If you’re not sure what your purpose is, try to answer the question, “What am I trying to accomplish with this site?”

Then, explain that the privacy policy exists to help people understand how the church uses their information.  It’s a good idea to include a line that says, “using this website implies acceptance of the privacy policy.”

Tip:  If you find that your site isn’t helping you get new visitors, it might be time to check out the CMU website solution.

2) Collected Information

This section helps people understand what is being collected and how you are using it.  Be crystal clear about every piece of information you collect, even if it seems obvious.

3) Means of Collection

In this section, explain the procedure you use to gather information about people. For example:

  • Do you use forms?
  • Are there fields to provide personal information?
  • Is information collected through cookies?
  • How do you use this information?

4) Information Storage

Now, tell people exactly where their information is being stored. This demonstrates that their personal information is secure in your hands. As far as information storage goes, there are different regulations depending on your location. (We’ll look at these later)

If you’re not sure how to store information, looking into a church management software or email/text solution like Text In Church is a great place to start.

5) Contact information

Lastly, you need to provide information on how the user can contact you. This needs to be a clear and direct form of communication, such as an email address.  Make sure it’s an address where people will receive a quick response if they contact you with questions.

Optional sections

Definitions

You may want to include a section that defines some key terms, such as:

  • personal data
  • cookies
  • data controller
  • data processor
  • GDPR
  • SSL
  • personal identification
  • etc. 

We have example definitions of a few of these terms in the next section of this guide.  You are welcome to steal them!

Data Collection Laws

You can provide a section that explains the laws regarding data collection for the area where you live. For example, for countries that are members of the EU, you can explain how the EU Cookie Laws apply to your site.  Be sure to check your understanding of these laws with a lawyer.

User-Controlled Options

If you have a page that allows people to opt-in or out of a specific form of data collection, link to it!  Make this super easy to find, because trying to opt-out is one of the main reasons people will read your privacy policy.

Key Definitions

What Is A Secure Sockets Layer (SSL) Protocol?

SSL encrypts the information sent between you and a website so that hackers and people with harmful intent cannot read your data.  It’s a basic level of site security, allowing people to:

  • Browse your website without their information being stolen
  • Enter information securely
  • Communicate online without fearing that their information will be stolen

Wondering if your website already has SSL protection?  Good news: it’s easy to figure out!  Your website has SSL protection if the URL begins with HTTPS instead of HTTP. For example, https://churchmarketinguniversity.com 🙌

If you don’t have SSL protection, you need it.  You can find a link to get it in the “additional resources” section of this guide. 

It’s important to make sure you install your SSL so that ALL the pages on your website are protected.  We’ve seen too many church sites not appearing in Google searches and/or having online ads rejected because they hadn’t protected every page on their site. 

Side note: If your site is secure, and you’re STILL having trouble appearing in Google searches, we recommend signing up for our CMU website coaching!  You’ll receive personalized training on how to get your church on the first page of Google searches for churches in your area.

What are Cookies?

Have you been prompted to select your language preference when you visit a site for the first time? After making a selection, chances are, the website remembered your preference the next time you visited. This is the work of a cookie.

Basically, a cookie is a small document of information that websites store in order to remember user preferences and useful information.

Here are a few facts about cookies:

  • Cookies do NOT carry personal data from your hard drive.
  • Cookies require explicit consent from the user before a site can use them.
  • Use of cookies with the Facebook Pixel and Google Ads Remarketing allows you to retarget users- or show your ads to people who have previously shown interest in your church by visiting your website.  This is a good thing for both you and the people being retargeted, because it means Facebook and Google are showing your ads to people who are interested.
  • Sadly, these kinds of cookies do not contain chocolate chips.

What Is the General Data Protection Regulation (GDPR)?

Essentially, corporations and websites must follow GDPR guidelines in order to protect the safety of people using their site. GDPR sets a specific list of DOs and DON’Ts regarding what information can be recorded and what cannot. For more information on GDPR, take a look at the “legal resources” links in the next section.

Example Church Website Privacy Policies & Legal Resources

Churches in the USA
Elevation Church https://elevationchurch.org/legal/
James River Church https://jamesriver.org/privacy
Life.Church https://www.life.church/privacy/
Saddleback Church https://saddleback.com/policies/privacy
Seacoast Church https://www.seacoast.org/privacy-policy/
Moody Church https://www.moodychurch.org/privacy-policy/
The Life Church https://lifechurchsunvalley.org/privacy-policy/
Willow Creek Church https://www.willowcreek.org/en/about/privacy
Southeast Christian Church https://www.southeastchristian.org/privacy-policy.php
New Life Church https://www.nlchurch.com/privacy-policy/
Global Churches
Hillsong Church https://hillsong.com/privacy/
Holy Trinity Brompton https://www.htb.org/privacy-policy
ICF Church https://www.icf.church/en/privacy/?cn-reloaded=1
Faith-Based Organizations
Joyce Meyer Ministries https://joycemeyer.org/privacypolicy
Convoy of Hope https://www.convoyofhope.org/privacy-policy/
Samaritan’s Purse https://www.samaritanspurse.org/our-ministry/privacy-policy/
World Vision https://www.worldvision.org/privacy-policy
World Relief https://worldrelief.org/privacy-policy
Corporate Policies
Google https://policies.google.com/privacy?hl=en
Apple https://www.apple.com/legal/privacy/en-ww/
Panera Bread Co. https://www.panerabread.com/en-us/company-information/privacy-policy.html
Chipotle https://www.chipotle.com/about-us/privacy-policy.html
Legal Resources
Rocket Lawyer – Online Free Privacy Policy Creator https://www.rocketlawyer.com/sem/online-privacy-policy.rl
Free Privacy Policy Creator https://www.freeprivacypolicy.com/
List of Privacy Policy Generators https://digital.com/blog/best-privacy-policy-generators/
Globally covered Privacy Policies https://www.privacypolicies.com/
How to Create a Privacy Policy (wiki) https://www.wikihow.com/Create-a-Website-Privacy-Policy
Free Privacy Policy Generator https://www.shopify.com/tools/policy-generator
Additional Resources
Importance of a Privacy Policy https://www.privacytrust.com/guidance/privacy_policy.html
What is a Privacy Policy and Why Have It https://www.websitepolicies.com/blog/what-is-privacy-policy
What is GDPR  https://www.youtube.com/watch?v=I01XMRo2ESg
What are “cookies” https://www.youtube.com/watch?v=IPQhME1UYQU
What is SSL and Why Is It Important https://www.globalsign.com/en/ssl-information-center/what-is-ssl/
How Do the “cookie laws” and “GDPR” Apply to You https://www.iubenda.com/en/help/5525-cookies-gdpr-requirements
How to Obtain an SSL certificate (HTTPS) https://support.google.com/domains/answer/7630973?hl=en

Download Our Free Sample Privacy Policy 

Additional Tools

Iubenda

Iubenda offers solutions to help you make your website or app compliant with legal requirements.  They cover privacy policies, cookies, terms and conditions, and more. If you use their paid services, their legal team can keep them up to date and maintain them. They also offer free webinars on some of these subjects!

WordPress Privacy Policy Template

WordPress has this great article about what a privacy policy is, why you need it on your website, what you should include, and how to add it to your website. Even if you don’t use WordPress, their article is worth checking out! They also created an example privacy policy.

The CMU Website Solution

If your entire website needs attention, you’re going to love the Church Marketing University Website Solution! With the CMU website solution, you’ll successfully achieve clear communication without sacrificing technical excellence or a new-user focus.  If you’d like to learn more, schedule a free consultation today!

Pin It on Pinterest