(Data) Protection Racket: GDPR privacy policy template for web professionals

The EU’s General Data Protection Regulation (GDPR) comes into effect on May 25th 2018 and web designers and our clients need to be prepared. This open source GDPR privacy policy template is designed for web professionals.

“Market-leading” General Data Protection Regulation templates can cost hundreds of Pounds, so I thought I’d turn my hand to writing a GDPR data protection and privacy policy.

In the spirit of my Contract Killer, I’ve called this one “(Data) Protection Racket.” It’s yours to adapt and use for free, but if you like it, why not send me some money? (If you don’t, I promise not to set your restaurant on fire.)

This policy covers

  1. Why you value privacy
  2. What information you hold
  3. Where you store information
  4. What you use information for
  5. Who’s responsible for information at your company
  6. Who has access to information
  7. The steps you take to keep information private

Once again, My goal was to keep the language simple and free from legalese. After all, if you want someone to agree to something, they need to understand it first. I also wanted to share it so that other designers can use it too. I hope that you like it and please share your feedback and suggestions on how to improve it. I really do read every email and tweet.

Get my GDPR privacy policy template here and please share it on Twitter.

Update: This policy is now open to contributions on Github.


I’m available for hire to consult on and design products and websites. Based in North Wales, I travel regularly to work with clients world-wide.

Available from January 2020

Talk soon

For work enquiries email

Or call us on +44 (0)1745 851848


Stuff & Nonsense Ltd.
Eversleigh, Lon Capel,
Flintshire, North Wales,
LL18 6EJ, UK