Privacy Policy

Create Privacy Policy in 4 Easy Steps

Fill in the

Preview your
agreement and pay

Download your
agreement instantly

Agreement will
be home delivered
in 7 working days.

Starting from Rs. 599.00/-

Create Privacy Policy Agreement

Need Help? Call us at +91 8035241251

What is

Privacy Policy

A privacy policy is a document contained on a website that explains how a website or organization will collect, store, protect, and utilize personal information provided by its users. It governs the collection of data (especially sensitive data like biometrics or financial information) from the user and the use of such data by the service provider (website, application, portal, platform etc.) or its transfer to any third party, with the aim to protect misuse of any information by the service provider/intermediary or any third party who has access to such information. 

Under the Information Technology Act, 2000 read with rule 3 of the Information Technology (Intermediaries Guidelines) Rules, 2011, and rule 4 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, any person who on behalf of another person receives, stores or transmits any electronic information or data or provides any service including telecom service, internet service, web-hosting service, search engines, online payment sites, online-auction sites, online-market places (collectively intermediaries) is required to have a privacy policy.


1. Are privacy policies binding?

A privacy policy is a statutory requirement under the Information Technology Act, 2000 for every website and has a binding effect on the user. Further, Rule 5 of the Information Technology (Intermediaries Guidelines) Rules, 2011 authorizes the website to terminate the Users access in case of non-compliance with the User Agreement and Privacy Policy.

2. Can a service provider transfer data collected to another person?

Yes, a service provider may transfer the data to another person. However, the service provider should ensure that the transferee provides the same level of data protection that is provided by the service provider. Further, the transfer may be allowed only if it is necessary for the performance of the lawful contract between the service provider and the provider of information (user) or where the user has consented to data transfer.

3. Can a user withdraw the consent given to collect information or data provided?

Under rule 5(7) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, a user may withdraw the consent given to a service provider to collect information. However, on withdrawal of consent to collect information, the service provider may not be able to provide goods or services for which the information was collected.

4. Does a privacy policy prevent a service provider from disclosing services to government authority? 

A privacy policy only protects against disclosure of information to unauthorized third parties, however, rule 6 provides that the service provider may disclose the information to fulfil its legal obligations or by any order under the law for the time being in force. 

5. What's the difference between a privacy notice and a privacy statement?

Privacy Notice is a statement made to a data subject that describes how the organization collects, uses, retains and discloses personal information. A privacy notice is sometimes referred to as a privacy statement, a fair processing statement or sometimes a privacy policy.