Privacy policy guidelines

Privacy is tough to get right. It's a complicated concept involving laws, social norms and user expectations. The developer of an app, site, page, or add-on that takes privacy seriously inspires user trust. We've put together these guidelines to help you make a privacy-conscious app, and write a good privacy policy for it. Please remember that this is not a substitute for a real lawyer and doesn't provide legal advice.

Privacy policies

A privacy policy is a description of what you do with data. The critical things to describe are how you collect, use, store, and share or disclose information about people. We've put together a privacy policy template to help make this a little easier.

https://github.com/flamsmark/privacy-policy-template

Check out the README to get started. You should copy our template and fill in your data as needed. We think that using it will make writing a privacy policy easier, but we don't promise that that you'll make a good or accurate policy just because you use it. Hopefully, it'll help draw your attention to some of the main privacy issues that you should be thinking about. Feel free to fork and improve it!

It is good practice (and in some cases, legally required) to include a privacy policy to help your users understand what's happening with info about them. Different places around the world have specific requirements for how user data is collected, used, stored and disclosed. You definitely need to talk to a lawyer to help you navigate the world of privacy and make a privacy policy that tells your users what they need to know.

Mozilla Marketplace privacy requirements

If have an app or add-on that collects data about your users, you are required to have a privacy policy to list it in the Mozilla Marketplace.

Privacy tips for designing apps

  • Design your app or add-on so that what you actually do with user data is what users think you are doing with it.
  • Try to give the user as much control over their data as you can, such as giving them the choice to opt-in to or opt-out of data collection whenever possible.
  • Try to limit your data collection and use to only the data that you need.
  • Design your app and service to protect the security of your user's data in its collection, storage, and use.
  • Respond to user questions and concerns about your privacy practices.
  • Avoid 'secret' updates.
  • Make your use of social features transparent, so that users are aware of when they're sharing data socially.
  • Give people a way to turn off automatic sharing or make more granular choices about sharing data.
  • Obtain consent from users when necessary, especially for location and other sensitive information.
  • Put a link to your privacy policy and, if you have them, your "terms of use" somewhere in your app.

Document Tags and Contributors

Contributors to this page: jswisher, alispivak, flamsmark, JishnuM, chrisdavidmills
Last updated by: alispivak,