Quoting Netlify's Privacy Policy Sections in my Own Website's PP

Hi all. I am using Netlify for hosting my website, and engaged a lawyer to write a privacy policy for it. Upon finding out that I use Netlify, he has incorporated much of Netlify’s own privacy terms, including placing cookies etc., in a section devoted to Netlify in my Privacy Policy.

I feel that presents a wrong picture because my site does not use any cookies at all (it does not use Google Analytics etc.), and Netlify also does not place any cookies because my visitors don’t access Netlify’s own website. A lot of other information such as creating accounts (with Netlify) seems superfluous to say the least. I pointed this out to my lawyer but he says that to be on the safe side he recommends quoting the policy almost in toto rather than just linking to it with a small intro (which is the way Netlify itself recommends). I tried to point to him the inaccuracies this introduces but he didn’t seem very amenable to that discussion and probably isn’t tech savvy enough to feel comfortable with examining those details.

I am not asking for legal advice here, but what do you all think, and what can I do when my lawyer seems to be recommending something sub-optimal? And if someone from Netlify’s data security team can weigh in, that would be ideal. Thanks!

PS: A quick addendum in case you are thinking on those lines - Early efforts to find tech-savvy lawyers in his place have not looked very promising so far.

Hi. Can someone from staff perhaps help move this to Admin (or other suitable category) so that it has a better chance of getting a response? Thanks. @perry @SamO

@Tachio I think you’ve probably tagged the wrong people to get an answer.

perry → hasn’t worked for Netlify since July 2022, see:
https://answers.netlify.com/t/goodbye-all-my-time-at-netlify-is-coming-to-an-end-this-friday-july-8/70819

SamO → was active yesterday, but may not work for Netlify anymore, her profile shows ‘netlify_alumni


The nature of the question means regular support staff likely can’t answer from their own knowledge.

I’d suggest waiting another 3 business days, if you receive no response bump the thread again.

1 Like

Thank you, @nathanmartin, I really appreciate the clarification and your suggestion. Let me wait some more and hopefully someone will be able to share some insights.

And in case it’s possible that you/someone can suggest a way to directly address/tag people/teams with the right knowledge about this subject, that would be awesome, too. In any case, thank you again for helping out.

@Tachio I’d recommend not tagging anyone.

Another avenue that you could try would be the contact details at the bottom of Netlify’s Privacy Policy:
https://www.netlify.com/privacy/

Ultimately if I were you, I wouldn’t expect them to respond with a definitive answer or opinion.
What you’re asking will be specific to your site and legal jurisdiction and isn’t a service they provide.
They’ll be concerned with their own policy, but not the policy of others unless there’s some infringement.

Thanks, Nathan, that makes a lot of sense. In fact, I had equal, if not more, hope of gaining from the perspectives of fellow Netlify users who have a privacy policy of their own on a Netlify-hosted website. I am curious to know if, like me, they have been advised to reproduce much of Netlify’s privacy policy within their own policy. And if yes, how do they navigate the potential confusion or erroneous communication caused by some of Netlify’s terms (especially the points I mentioned about cookies and accounts)? Do they rewrite or paraphrase those sections to make things clearer, for instance?

I am not expecting legal advice here, nor will I treat any perspective as legal advice. However, since there are so many Netlify users – many of whom probably have privacy policies of their own – I was hoping to know the general trends and views around how others are working with this. Thanks.

@Tachio I understand why you’re asking the question, but the community here likely isn’t active enough for you to get the kind of answer you seek in a timely fashion.

Check the users lists and you’ll see low activity:
https://answers.netlify.com/u?order=post_count

I can’t advise regarding your specifics, I don’t even know what region of the world you’re in.

Here in Australia most small businesses I’ve dealt with over the years have used online generators to create basic Privacy Policies, the larger US and European businesses I deal with have legal departments that are responsible for their policies.

Thanks a lot, man, this is very helpful for someone like me to get familiar with the userbase and how the forum works. I guess for now I’ll just wait for a few days to see if I get a response. Cheers!

Not a legal advice, but I don’t think it makes much sense to quote Netlify’s privacy policy especially if your website significantly differs.

As a side note, I haven’t seen many websites quote or even link to the privacy policy of their server, so looking at those, maybe your privacy policy should also only be concerned about your own website. Because by your lawyer’s logic, you might as well quote AWS’ privacy policy because Netlify is essentially hosted on AWS.

1 Like

Thanks, Hrishikesh, those are some great points and it’s great to know your perspective. I have tried to search for privacy policies of sites hosted on Netlify, and of the handful that I found, none quotes Netlify’s privacy policy as such, though many do link to it. Instead, they mention what data is collected in server log files, such as the visitor’s IP address, which makes a lot more sense.