Privacy Policy Guidelines For Google and Facebook Ads and Remarketing / Retargeting

If you’re advertising on either (or both) of Google Ads or Facebook Ads, you NEED to have a privacy policy on your site to let people know how you are going to deal with their information when you collect it.

This blog post provides some resources and guidelines to help you create your own Privacy Policy that is both Google & Facebook friendly.

HOWEVER, please note that none of this information is legal advice! I am neither a lawyer nor do I play one in a sitcom, so I advise you to still consult with a proper legal professional to make sure all the ‘i’s are dotted and the ‘t’s are crossed!

No matter which country you live and operate in, chances are VERY high that there are laws around privacy that you will have to abide by.

Whether it’s how you are allowed to collect and use peoples personal information, or the way in which you have to inform them of their rights in this regard.

Personal data can include things like:

  • email
  • name
  • phone number
  • address
  • etc…

When you’re running ads to generate leads, chances are high that you will be aiming to collect 1 or more of these items of personal data from people, and therefore you are (usually) legally obliged to let them know how you will use AND protect their personal and private information.

On top of that, when you are using online tools such as Google Analytics, Google Remarketing, Facebook Retargeting (via the Facebook Pixel), and even uploading prospect & customer data files to create custom audiences (in Facebook) and Customer Match lists (in Google), you will also need an appropriately worded privacy policy on your landing pages/website that people can visit and read if they so choose.

Given the ever-changing world we live in, you should also be aware that both the laws of your country and Google & Facebook’s rules and guidelines around this topic are likely to change over time, so you canNOT assume you just have to do this once and then you can forget about it.

In particular, you should be checking in with both Google & Facebook’s guidelines around this, as they often get updated and you could be non-compliant and not know about it.

I’m often asked by clients WHY they need to have a privacy policy, and aside from it most likely being a LEGAL REQUIREMENT in your country, third-party services such as Google Analytics and the Facebook Pixel typically require you to display a Privacy Policy as part of their Terms of Use.

In other words, if you don’t have a Privacy Policy, you run the risk of your ad account being shut down.

If you actually are relying on being able to run ads on Google &/or Facebook, then it just makes sense that you will abide by their rules, even if you don’t like it.

Finally, people visiting your website will often WANT to know what you are going to do with their personal information, and if you don’t make it easy for them to find out the specifics, they’re less likely to be willing to provide their information to you (which is obviously NOT helpful!)

Some examples of different countries or states Privacy Laws include:

  • EU’s GDPR (General Data Protection Regulation)
  • California’s CalOPPA (California Online Privacy Protection Act)
  • Canada’s PIPEDA (Personal Information Protection and Electronic Documents Act)
  • Australia’s Privacy Act
  • UK’s DPA (Data Protection Act)

You can google whichever of these are relevant to you if you require further information.

#1 Resource – Terms Feed

One of the most comprehensive sites I have found online to help you get everything sorted is Terms Feed, found at

Here’s their short intro video on the subject AND an introduction to how their Privacy Policy Generator can help you get your own privacy policy written fast.

and here’s the link to their online privacy policy generator.

NOTE: Some of the options available with the privacy policy generator on their site do require payment.

You can check this page on termsfeed’s website to see what discount coupon codes they have available at the moment:

Privacy Policy for Facebook Retargeting

Facebook Advertising Policies

Privacy Policy for Google Analytics

Privacy Policy for Google Ads Remarketing

Takeaways from Google’s Privacy Dashboard

Adding Your Privacy Policy To Your Website

If you have a website AND you (now) have a privacy policy, the next step you’ll face is where to add the privacy policy to your site.

Where to Place Your Privacy Policy on Your Website:

If you have a WordPress website, this video explains how to add your Privacy Policy to it:

Europe / GDPR Privacy Policy

If you’re in Europe and have to have a GDPR friendly Privacy Policy, here’s TermsFeed’s introduction to GDPR.

Make sure your GDPR-compliant Privacy Policy includes the following information:

  • Whether you’re a data controller, data processor or both
  • Your contact information, and contact information for your DPO (if applicable)
  • Address the 8 rights of users
  • Your purposes for collecting personal data
  • If you transfer personal data internationally
  • What your legal basis for processing data is

Plus your privacy policy must be clear and easy to read, and not include any legalese!

Read more here:

And here’s a short video introduction to the topic:

GDPR vs Australian Privacy Principles

Assorted Useful Links/Resouces

Facebook Business Tools Terms –

(Google) What to include in your privacy policy for remarketing –

NAI’s “How to opt-out of interest-based advertising” –

Facebook Self-Serve Ad Terms

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top