Goodlawyer connects clients with lawyers
Goodlawyer connects clients with lawyers

Ensure your Privacy Policy complies with the law.

Speak directly with a specialized lawyer to create the perfect Privacy Policy for your website.

$360 for Basic — $960 for Complex

Illustration of a privacy policy

Not sure what you need? Book a free call with our Legal Concierge.

Meet Canadian privacy requirements.

Having a strong Privacy Policy is essential to every website and mobile app because it clearly defines how personal information is collected, stored and used. Oh yeah... It's also required by law.

Illustration of a strong business owner.

You need a Privacy Policy.

It's required in Canada.

The Personal Information Protection and Electronic Documents Act (PIPEDA) requires businesses to publicly display their Privacy Policy.

Avoid unnecessary risks.

Using a generic Privacy Policy you found online might leave you exposed in certain areas, resulting in heavy government fines.

More than just the Policy.

Your lawyer will examine your practices around personal data to ensure that your business complies with government regulations.

What's covered in a Privacy Policy?

You'll have a kick-off call so your lawyer can learn about how your business collects, stores, and uses personal information. They will then advise you on if you require a Basic or Complex Privacy Policy. Learn more about the differences on the Info Sheet below.

Illustration of privacy policy man.

Your Privacy Policy

1. Data collection and use

Accurately communicate what personal information your business collects, how it's collected, and how it's used.

2. Cookies and logs

If your website uses cookies or logs, which most websites do, you'll need to declare how this works.

3. Data storage

Declare where data is being stored and for how long. This is essential in Canadian privacy law.

4. Provincial, national, and international compliance

Your lawyer can familiarize you with privacy laws and help you ensure your business complies wherever you operate.

How do Privacy Policies work?

A lady booking a call with a lawyer

1. Book your kick-off call

Pick a time to discuss your policy and unique business needs with a lawyer.

A lawyer calling their client.

2. Build your Privacy Policy

Work with your lawyer to draft the perfect Privacy Policy for your site.

Clients and lawyers shaking hands.

3. Get your policy

Get a digital copy of the policy, ready to be added to your website.

Book a Privacy Policy

Rest easy with a bespoke Privacy Policy that you can rely on.

Frequently asked questions

Do I need a Privacy Policy? 

Without an accurate Privacy Policy, you are breaking the law. Not only that, but a sound Privacy Policy is good for business. It adds credibility and shows that you care about your customers and take good care of their personal information.

What's the difference between a Basic and Complex Policy?

A Basic tier may be suitable for organizations operating in Canada collecting information from Canadian users and customers with simple and non-extensive use and collection practices. 


  • A single omnibus Privacy Policy
  • Collection of basic personal information
  • Simple automatic data collection and third party use
  • Simple opt-out provisions

Complex tier is suitable for organizations with more extensive personal information use and collection practices, either on a website or offline, that operate a website or store/process/transfer personal information outside of Canada. 

May include:

  • Layered, just-in-time, or differentiated use policies
  • Collection and use of sensitive personal information
  • Collection and display of user contributions (e.g. forums or comments)
  • Complex automatic data collection and third party use
  • Non-obvious or unexpected uses of personal information
  • Complex or lengthy opt-out provisions, or the use of opt-in provisions
  • Organizations or websites operating internationally, or which transfer/process/store personal information outside of Canada.

What is “personal information”?

“Personal Information” constitutes any information that can identify an individual. That can include anything as simple as contact information on a popup form, to something as complex as the information collected and saved through cookies as part of online tracking and targeting for personalized advertising.

Can I just use a Privacy Policy I find online? 

Online businesses all have their own complexities and nuances that can’t be captured in a standard or automated template, or by copying another site’s Privacy Policy. The only way to ensure you and your business are adequately protected is to have a lawyer review your practices around personal information ensuring you’re in compliance with the law, and drafting a tailored Privacy Policy that is accurate for your business.

How long does a Privacy Policy take to draft? 

Typically, from the time of your kick-off call you can expect to have your final Privacy Policy within a few business days. If your situation is more complex than usual, it could take a bit longer, but rest assured your website and app will be compliant in no time! 

Do I need a lawyer in my province? 

In most cases, you should be able to get a Privacy Policy drafted by any lawyer across Canada. Although PIPEDA is a federal mandate, some provinces like Alberta and British Columbia have additional privacy laws that might require local expertise depending on the nature of your business. No matter where you are in Canada, we can find the right lawyer for your Privacy Policy. 

As a Canadian business, do I need to comply with GDPR, CCPA, and other international regulations? 

Although your business is exclusively in Canada, all it takes for you to be in breach of GDPR or CCPA is having a resident of the European Union or California submit personal information on your website or app. Something as simple as signing up for your newsletter and giving you their email address mandates that you must adhere to GDPR or CCPA. A good lawyer will be able to identify if you need to have GDPR and CCPA compliance in your Privacy Policy.

Where should I put my Privacy Policy on my website/app? 

While there are no exact requirements on where your Privacy Policy needs to be on your website or app, there is a legal requirement that it not be hidden and be easy to access for all visitors and users. Most websites will link to their policy in the footer. Most apps will either include it in a settings or about menu, the app listing on the app store, or on the app’s accompanying website.

How does a Privacy Policy relate to the Terms of Service? 

Privacy Policies and Terms of Service documents are closely related as they both govern the relationship between your business’ online presence and your customers’ online visits. It is extremely common to get both documents drafted at the same time for increased efficiency and minimized costs. Ask your lawyer about drafting these documents together for additional savings or, learn more about Terms of Service here

Will I be able to communicate with my lawyer after the kickoff call?

Yes, absolutely. You can use the Goodlawyer platform to send messages and files. If substantially more communication is needed, your lawyer may request another call.

Are there any resources that talk about Privacy Policies?

Yes, our blog has a post about Privacy Policies to help you learn more.

Not sure what you need? Book a free call with our Legal Concierge.

Goodlawyer is an interactive online service that makes it faster and easier for clients to find and hire legal help solely based on their preferences. We are not a law firm, do not provide any legal services, legal advice or “lawyer referral services” and do not provide or participate in any legal representation.

Goodlawyer connects clients with lawyers
Goodlawyer connects clients with lawyers
Copyright © Goodlawyer Inc. 2021