In this section, you must indicate your site’s URL, along with the name of the company, organization, or person behind it, along with some accurate contact information.

The amount of information you may be required to show varies according to local or national labor regulations. You may, for example, offer a physical address, registered address, or company registration number.

Suggested text: Our website address is:


What personal data we collect and why do we collect it

In this section, you should indicate the personal data that you collect from users and site visitors. This may include personal data, such as name, email address, and personal account preferences; Transaction data, such as purchase information; Technical data, such as information about cookies.

You should also indicate any collection or retention of sensitive personal data, such as health-related data.

In addition to listing the personal data you collect, you should indicate the reason for collecting it. These explanations must indicate either the legal basis for collecting and retaining data, or the active consent given by the user.

Personal data is not only created through user interactions with your site. Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics, and third-party embeds.

By default, WordPress does not collect any personal data about visitors, and only collects the data shown on the user profile screen from registered users. However, some plugins may collect personal data. You should add the relevant information below.



In this subsection, you should indicate the information captured through the comments. We previously mentioned about the data that WordPress collects by default.

Suggested text: When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymous string generated from your email address (also called a hash) may be provided to Gravatar to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture will be visible to the public in the context of your comment.



In this subsection, you should indicate information that may be disclosed by users who can upload and download media files. Usually, all files uploaded are publicly available.

Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Website visitors can download and extract any website data from images on the website.


Contact forms

By default, WordPress doesn’t include a contact form. If you are using a contact form extension, use this subsection to write down what personal data is captured when someone sends a message via a contact form, and for how long you keep it. For example, it should be noted that you retain contact form offers for a certain period of time for customer service purposes, but that you do not use the information provided through them for marketing purposes.



In this subsection, you should include the cookies that your website uses, including those set by plugins, social networks, and analytics services software. We have provided cookies that are installed by WordPress by default.

Suggested text: If you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie does not contain any personal data and is disposed of when you close your browser.

When you log in, we also set up several cookies to save your login information and your display options. Login cookies last for two days, and screen options cookies last for a year. You will continue to log in for two weeks when you choose “Remember me”, and if you log out of the account, the login cookies will be deleted.

An additional cookie file will be saved in your browser if you edit or publish an article. This file does not include any personal data, it just indicates the ID of the article that you edited. It will expire after one day.


Embedded content from other websites

Suggested text: Articles on this site may include embedded content (for example, such as videos, images, articles, etc.). Embedded content from other websites behaves in exactly the same way as if the visitor visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with this embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that site.



In this subsection, you should indicate the analytics package that you use, the manner in which users can disable Analytics Tracking, and a link to your analytics service provider’s privacy policy, if applicable.

By default, WordPress does not collect any analytics data

With whom we share your data

In this section, you should name and list all third-party providers with whom you share location data, such as partners, cloud services, payment processors, and third-party service providers, and state what data they share and why. Link to their privacy notices if applicable.

By default WordPress does not share any personal data with anyone.


How long do we keep your data

In this section, you should explain how long you keep personal data collected or processed by the website. Although it is your responsibility to determine the timeline of how long and why you keep it for each dataset, this information needs to be included here. For example, you might say you keep contact form entries for six months, analytics logs for a year, and records of customer purchases for ten years.

Suggested text: If you leave a comment, the comment and its metadata will be retained indefinitely. This is so that we can recognize and approve any follow-up comments automatically instead of keeping them in a moderation queue.

For users who register on our website (if any), we also store the personal information they provide in their user profile. All users can see, amend or delete their personal information at any time (except that they cannot change their username). Website administrators can also see and edit this information.


What rights you have over your data

In this section, you should explain what rights users have over their data and how they can invoke these rights.

Suggested text: If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we keep about you, including any data you have provided to us. You can also request that we delete any personal data we hold about you. This does not include any data we are obligated to keep for administrative, legal or security purposes.


Where we send your data

In this section, you should list all transfers of your location data outside the European Union, and describe the means by which this data is protected in accordance with European data protection standards. This may include web hosting, cloud storage, or other third-party services.

European data protection law requires data about European residents who have moved outside the European Union to be protected according to the same standards as if the data were in Europe. So in addition to listing the data, you should describe how to ensure that these criteria are met either on your own or by third-party providers, whether that is through an agreement like the Privacy Shield or model terms and conditions in your contracts, or binding corporate rules.

Suggested text: Visitor comments can be checked through an automated spam detection service.


Your contact information

In this section you must provide a method of communication about privacy concerns. If data protection officials are required, put the list of official names and full contact information here as well.


Additional information

If you use your site for commercial purposes and are involved in the collection or more complex processing of personal data. You should indicate the following information in your privacy policy, in addition to the information we have already discussed.


How do we protect your data

In this section, you should explain the measures you have taken to protect your user data. It can include technical measures such as encryption; Security measures such as two-factor authentication; And measures such as training staff on data protection. If you have performed a privacy impact assessment, you can mention it here as well.


What are the procedures applicable to breaching the data?

In this section, you must explain what procedures are in place to deal with cases of data breach, potential or real, towards internal reporting systems, communication mechanisms or software bug rewards.


What third parties do we receive data from?

If your site receives data about its users from third parties, including data from advertisers, this data must be included in the section that explains dealing with third-party data within the privacy notice.


What is the decision-making mechanism and / or profiling we do with user data

If your website provides a service that includes automated decision making – for example, allowing customers to apply for credit, or collect their data in an advertisement profile – you should note that this may happen, and include information about how that data is used, and what Decisions are made with this data collected, and what rights users have over decisions made without human intervention.


Disclosure requirements of the industry regulator

You may be required to disclose it here if you are a member of a regulated industry, or are subject to additional privacy laws.

إبدأ محادثة معنا !
مرحبا بك في إنجاز ميديا,
كيف يمكننا مساعدتك ؟