Privacy Policy on ecommerce and social platforms


  1. GDPR requires you to inform your customers in all channels you use of your privacy policy
  2. In 2022 the EU has adopted the Digital Services Act (DSA) that requires all platforms to take an active role in confirming all parties on their platform abide by the EU rules and especially the GDPR and consumer rights. You can find more information on the DSA here.

Privacy Policy on ecommerce and social platforms – Considerations

  1. Firstly, all platforms where your firm interacts with customers or suppliers should already be listed as third parties in your Third Party dossier. Also, you might want to confirm all platforms are captured and make any additions as needed.
  2. Secondly, log in to each platform and on your company’s profile page see where best to make reference to your privacy policy. Platforms should have a dedicated field for you to reference the link to your privacy policy. In the absence of a dedicated field do reference your privacy policy in the “About Us’ section. As an example, this is how we as GDPRWise referenced our privacy policy on the LinkedIn platform‘To understand how we might process your personal data, do consult our privacy policy by typing this link into your browser’.


For more GDPR-related information, see our GDPR Knowledge Base on Data Security or our post on GDPR Compliance checklist for the SME.

Also, feel welcome to try our Free GDPR Policy checker, see if your Policy is compliant.