How it works
- 1
Fill in your company details
Enter your company name, website URL, contact email, and data retention period. These are inserted into the policy text.
- 2
Select what data you collect and which services you use
Check the data types you collect (email, IP address, payment info, etc.) and any third-party services (Stripe, Google Analytics, etc.). The relevant sections are auto-generated.
- 3
Copy the result
Get your policy as Markdown or plain text. Paste it into your website's /privacy page. Have a lawyer review it before publishing.
Compliance mode
Data you collect
Third-party services you use
🛡️ Verify zero uploads — open DevTools → Network tab
Open your browser's DevTools (F12), go to the Network tab, and use this tool. You will see zero outbound requests — all processing runs inside your browser sandbox via WebAssembly or pure JavaScript. Nothing you paste or upload is ever sent anywhere.
Use cases
SaaS products and web apps
Every website collecting any user data needs a privacy policy. GDPR requires one for any EU users; CCPA for California residents.
App Store submissions
Both the Apple App Store and Google Play require a privacy policy URL before your app can be published. Use this to generate one quickly.
Early-stage startups
Get a baseline policy in place while your product is in development. Update it as your data practices evolve.
Frequently Asked Questions
Is this a legally binding privacy policy?
This tool generates a starting point based on common privacy policy templates. It is not legal advice and should be reviewed by a qualified attorney before publishing. Your specific data practices may require additional clauses.
Does GDPR apply to my website?
GDPR applies if you collect personal data from EU residents, regardless of where your company is based. If your website is accessible in the EU and collects any personal data (including IP addresses or cookies), GDPR likely applies to you.
Does CCPA apply to my business?
CCPA applies to for-profit businesses that meet at least one of: annual gross revenue over $25M; buy/sell/receive personal info of 100,000+ consumers or households per year; or derive 50%+ of annual revenue from selling personal information.
What is a data retention period?
The data retention period is how long you keep personal data before deleting or anonymising it. GDPR requires you to specify this and not keep data longer than necessary. Common practices: session data for 30 days, account data for the duration of the relationship plus 1 year, analytics for 26 months.
Is my data sent anywhere when I use this tool?
No. All policy generation happens in your browser using JavaScript template strings. No form data leaves your device.
Want unlimited access + saved history?
Pro is $6/month · 30-day money-back guarantee.
