WP Engine Products

WordPress Hosting

Boost performance while managing less

WooCommerce Hosting

Build faster and sell more with WooCommerce

Headless WordPress

Build, deploy, and manage headless sites

View More Products

Solutions

Small Businesses

Enterprises

Agencies

eCommerce

View More Solutions

Website Tools

Smart Plugin Manager

Website Tester

Website Monitoring

WordPress Themes and Tools

Local WordPress Development

Featured Plugins

Advanced Custom Fields

Build rich, custom content editing experiences

WP Migrate

Migrate WordPress sites with confidence

WP Offload Media

Offload media assets & serve them lightning fast

WP Offload SES

Improve email send reliability with Amazon SES

View More Recommended Plugins

WordPress Resources

WP Engine Resources

Articles and videos for help with WordPress

WP Engine Help Docs

Guides for site setup & troubleshooting

Free Website Migration

Automated migration plugin & support

Find a WordPress Agency

Need help? Search our agency directory

Stay Connected

WP Engine Blog

Builder Community

Headless Developer Community

Torque Magazine

Velocitize Magazine

Thought Leadership

Velocitize Talks

Erik Posthuma of Aleph-labs on Web3, Cryptocurrency, & More

Podcast

Press This, the WordPress Community Podcast

Study

The World’s First Study of the WordPress Economy

Why WP Engine?

Our Platform Technology

Managed WordPress Hosting

Fast WordPress

Secure WordPress

24/7 WordPress Support

About Us

WP Engine Reviews

How You Win with WP Engine

Build faster, protect your brand, and grow your business with the #1 WordPress platform to power remarkable online experiences.

Learn More

Customer Spotlight

Peak Performance With Headless WordPress

Android Authority increases speed 6x by adopting a headless architecture with a WordPress back-end.

All Case Studies

Contact sales

Call Us

+1-512-273-3906 to talk to a sales expert

Request a Quote

Submit a request for a personalized plan recommendation

Let’s Chat

Customer Support

Support Articles

Billing Help

Password Help

Log In for Support
Easiest Migration Ever!

Need Help Choosing a Plan?

We offer solutions for businesses of all sizes. For questions about our plans and products, contact our team of experts. Get in touch

Resource Center
‹ Back to Resource Center
WordPress Security and Antivirus Plugins. a laptop with a blue lock icon displayed on a black background

How to Add a Privacy Policy in WordPress

Posted in Analytics, Security, WordPress by WP Engine

Last updated on February 21st, 2025

User privacy and data protection continue to be top priorities for website owners. With evolving global regulations like GDPR, CCPA, and other privacy laws, having a clear, accessible privacy policy is essential—not just for legal compliance, but for building trust with your audience.

Fortunately, WordPress makes it easier than ever to create and display a privacy policy, whether you’re using the block editor (Gutenberg) or the Classic Editor. In this guide, we’ll walk you through both methods so you can ensure your site meets modern privacy standards.

What is a privacy policy and why do you need one?

A privacy policy is a crucial document that outlines how your website collects, processes, stores, and protects user data. It serves as a transparency tool, informing visitors about the types of information gathered—whether through contact forms, analytics, cookies, or third-party services—and how that data is handled.

What Is a Privacy Policy?

Beyond transparency, a privacy policy is often a legal necessity. Many countries and regions enforce strict data protection laws that require websites to clearly disclose their data practices. For example:

Even if your website doesn’t sell products or require user logins, it’s likely still gathering visitor data through analytics tools, embedded media, or email subscription forms. Having a privacy policy not only keeps you compliant with these laws but also fosters trust with your audience, reassuring them that their information is handled responsibly.

If you don’t have a privacy policy in place, now is the time to create one. WordPress provides built-in tools to help you generate and display a privacy policy with ease—whether you’re using the block editor or the Classic Editor.

In the next sections, we’ll walk you through both methods to ensure your site meets today’s privacy standards.

How to add a privacy policy in WordPress (block editor)

For users who have the block editor enabled, follow these steps:

Step 1: Create or assign a privacy policy page

  1. In your WordPress dashboard, go to Settings > Privacy.
  2. If you already have a privacy policy, select it from the dropdown and click Use This Page.
  3. If you need to create a new one, click Create New Page.

WordPress will generate a pre-populated template with recommended privacy policy sections.

Step 2: Customize your privacy policy

  1. Go to Pages > All Pages and open your Privacy Policy page.
  2. You’ll see a default template with key sections, including:
    • What personal data we collect
    • Cookies & tracking technologies
    • Embedded content from other websites
    • Who we share data with
  3. Edit each section to match your site’s specific data practices.
  4. Use blocks (e.g., Heading, Paragraph, List) to organize content clearly.
  5. If you need more guidance, click the WordPress Privacy Guide link at the top of the page for official recommendations.
  6. Once finished, click Publish or Update.

Step 3: Display the privacy policy on your website

To ensure visitors can find your privacy policy:

Method 1: Add it to your navigation menu

  1. Go to Appearance > Menus in the WordPress dashboard.
  2. Select your primary menu (or create a new one).
  3. On the left, check the Privacy Policy page and click Add to Menu.
  4. Drag it to your preferred location and click Save Menu.

Method 2: Link it in your footer

  1. Go to Appearance > Widgets.
  2. Add a Navigation Menu or Custom HTML widget to your footer.
  3. Select your Privacy Policy menu or manually insert a link.
  4. Click Save Changes.

Method 3: Include it in your cookie banner

  • If you use a cookie consent plugin (like CookieYes or Complianz), most allow you to link your privacy policy directly within the cookie notice.

How to add a privacy policy in WordPress (Classic Editor)

If your website still uses the Classic Editor, the process is slightly different but still straightforward.

Step 1: Create or assign a privacy policy page

  1. Go to Settings > Privacy in your WordPress dashboard.
  2. Choose an existing page or click Create New Page.

Step 2: Customize your privacy policy

  1. Go to Pages > All Pages and open your Privacy Policy page.
  2. The Classic Editor will display the default WordPress privacy policy template in a standard text editor.
  3. Edit each section as needed to reflect your site’s data policies.
  4. Format the text using the editor toolbar (bold, bullet points, etc.).

Click Publish or Update when finished.

Step 3: Display the privacy policy on your website

The steps to add the privacy policy to menus, footers, or a cookie banner are the same as in the Block Editor method.

Customizing and displaying your privacy policy in WordPress

Beyond adding a privacy policy page, consider additional customization and placement strategies:

  • Theme customization options – Some WordPress themes include dedicated footer areas or legal disclaimers where you can display a privacy policy.
  • Manually editing theme files – For advanced users, adding a hardcoded privacy policy link in your theme’s `footer.php` file ensures it’s always visible.
  • Using plugins – Plugins like WP Legal Pages or GDPR Cookie Consent can automate privacy policy management and ensure compliance with evolving laws.

Alternative ways to create a privacy policy

While WordPress provides a built-in privacy policy template, you may prefer a more customized approach to ensure your policy aligns with your specific business model, industry requirements, and legal obligations. Here are a few alternative ways to create a privacy policy that meets your needs:

  • Use an online generator – If you want a quick, legally compliant privacy policy, online tools like Termly or Iubenda can generate one for you. These platforms offer templates tailored to various privacy laws, including GDPR, CCPA, and PIPEDA, ensuring that your policy includes all necessary disclosures. Some services even provide automatic updates as regulations evolve.
  • Copy and adapt an existing policy – Another option is to research privacy policies from similar websites in your industry. While you should never copy another site’s policy verbatim, reviewing well-crafted examples can help you structure your own. Make sure to tailor the content to reflect your specific data collection practices, third-party integrations, and compliance obligations.
  • Consult a legal expert – If your website handles sensitive user data—such as medical, financial, or personal identity information—working with a privacy lawyer is a smart investment. A legal expert can ensure your policy fully complies with the latest regulations and protects your business from potential legal risks. This is particularly important for companies operating in multiple regions with differing data protection laws.

No matter which method you choose, having a clear, accessible privacy policy is essential for maintaining transparency, complying with regulations, and building trust with your audience.

Keeping your privacy policy up to date

Privacy laws and best practices are constantly evolving, and what was compliant a year ago may no longer be sufficient today. To protect both your users and your business, it’s essential to keep your privacy policy current and reflective of the latest regulations.

  • Review and update your policy regularly – At a minimum, revisit your privacy policy every six to 12 months to ensure it accurately represents how you collect, process, and store user data. If you introduce new features, collect additional user information, or integrate new third-party tools, update your policy immediately to reflect these changes.
  • Monitor legal changes – Laws like GDPR, CCPA, and other regional privacy regulations continue to evolve, often introducing new compliance requirements. Keeping an eye on legal updates can help you proactively adjust your privacy policy and avoid potential fines or legal challenges. Consider subscribing to legal and compliance newsletters or consulting with a privacy expert to stay informed.
  • Ensure third-party compliance – Many websites rely on third-party services like Google Analytics, advertising platforms, and email marketing tools that collect user data. Even if your own data practices comply with privacy laws, the tools you use must also be compliant. Regularly review the privacy policies and data handling practices of any third-party services you integrate with your site to ensure they align with GDPR, CCPA, and other applicable laws.

Maintaining an up-to-date privacy policy is not just a legal requirement—it’s a commitment to transparency and user trust. By regularly reviewing and refining your policy, you demonstrate to your visitors that you take their privacy and data protection seriously.

Final Thoughts

Adding a privacy policy to WordPress is easier than ever, thanks to built-in tools in both the block editor and Classic Editor. Whether you create your policy from WordPress settings, use a third-party generator, or consult legal experts, the key is to ensure transparency and compliance with global privacy standards.

By making your privacy policy easy to access and keeping it up to date, you not only protect your business legally but also build trust with your audience.

For more WordPress security and privacy tips, check out WP Engine’s Resource Center.

Get started

Build faster, protect your brand, and grow your business with a WordPress platform built to power remarkable online experiences.

Get Started

Explore WordPress Hosting