Get a privacy policy for your HTML5 & Flash games website

Get a privacy policy for your HTML5 & Flash games website

Today we’d like to talk about the legal aspects of running an HTML5 or Flash games website: your privacy policy. To be more precise, we want to tell you why you should have a privacy policy and we’d like to talk about what you need to write inside of it.
If you’re not interested in the why, you can skip the first part and read on at how to write a privacy policy for a gaming site.

The easiest way to describe why you need to have a good privacy policy for your HTML5 games website is to look at what most similar sites do. To monetize their content, most HTML5/Flash games sites run advertisement. If you want to make money with your games using AdSense, you’ll be asked to provide a privacy policy document to use Google’s service. AdSense is just the most popular example, but other services work pretty much the same.

There are many other reasons why you’ll need a privacy policy for your website. Be aware that they may slightly differ depending on where you are based and who your site is targeting. If you are targeting Europeans from the US, you should at least understand that there are more strict privacy rules in place for them. So let’s dive right into it with some useful questions and answers.

Do I need a privacy policy for an HTML5 based games website?

It’s very likely that you are at least under 1 obligation to make a privacy notice available on your site. You can try asking yourself the following questions, if you are not sure.


Are privacy policies for HTML5 games required by laws?

Usually, legal requirements are the first ones you’ll need to check. While they may differ from place to place, they usually come down to similar rules: 

  • websites with a commercial intent or websites that are collecting personal data from their users (both conditions are very likely to be triggered by games websites) need a privacy policy;
  • legislations around the globe have similar rules for privacy notices.

If you want to do the work alone, the best places to figure out the details about those rules are usually your local data protection authorities. Since this is a blog post in english, you will find some of the relevant data protection sites listed here:


Is the privacy policy required by my HTML5 game providers?

Depending on who provides those games to you and your site, they may require a privacy policy in their terms specifically. Usually the relevant paragraph says something like “You will ensure that you have a properly updated privacy notice visible on your site at all times/make sure to honor your users’ privacy”.
Therefore check your publisher’s terms and see what they say.


Is the privacy policy required by my ad service (AdSense for example)?

Since most game sites try to monetize with ads, we will have a look at what this means for the privacy policy. It’s very likely that your advertisement service provider will want to see some legal statement. Let’s see what AdSense and Google say in their terms

8. Privacy


You will ensure that at all times you use the Services, the Properties have a clearly labeled and easily accessible privacy policy that provides end users with clear and comprehensive information about cookies, device-specific information, location information and other information stored on, accessed on, or collected from end users’ devices in connection with the Services, including, as applicable, information about end users’ options for cookie management.  You will use commercially reasonable efforts to ensure that an end user gives consent to the storing and accessing of cookies, device-specific information, location information or other information on the end user’s device in connection with the Services where such consent is required by law.

You can see that AdSense specifically requires a privacy policy and you could get in trouble for not properly displaying or following that privacy policy. Let’s look at how you can write your privacy policy for your site as well and fast as possible.

How do I write a privacy policy for an HTML5 games site?

A privacy policy is a document that informs your users about the data collection practices on your site. It is usually placed in the footer of a site in order to be immediately reachable by everyone. You need to pack a couple of details into your privacy policy:

  • What kind of personal data is collected. 
    Tell your users which kind of data is collected. If you have a contact form with an email and name field for example, indicate this fact. In the case of an HTML5 game site with usage of ads and displaying of external content, you will very likely be using cookies and sharing certain data with third parties. Your users are not aware of this, which is why we are telling them these details via the privacy policy.
  • Describe how this information will be used by the company.
    What’s the purpose, etc?
  • Describe how this information will be transferred to third party companies.
    Do others collect information about your users, or do you share your users’ personal information with any third party? In our case, a site using AdSense and GamePix, we’d put information about using those companies here. Read the next section of this article for more information.  
  • Provide instructions on how users can modify or delete their personal information.
    Can they get in touch? Or do it on the site? 
  • Provide instructions on how users can opt-out of future communications and contact you directly. 
    Is there a link, or again, a specific email address at which people can reach you?
  • Identify its effective date and outline how you’ll notify people of material changes to your privacy policy. 
    How old is it? How will the users learn about changes?


How do I write a privacy policy if I am embedding games like the ones provided by GamePix?

  • Publishers of GamePix’ games: since GamePix provides HTML5 games as a third party for your site, you should include GamePix inside your privacy policy as a third party service, linking back to our privacy policy, so the user understands what’s happening when they’re playing games on your website or blog.
  • Displaying ads provided by AdSense: state the fact that you use AdSense and describe what it does for you exactly. Link to their site and privacy policy. Also, you should tell people how they can opt-out from the DoubleClick cookie. The same is true for other advertising networks, a general opt-out can be found at this link:

More about AdSense itself and their rules for privacy policies can be found at

Where can I find help to write my privacy policy for my HTML5 game based website?

The safest way to write privacy policies is to hire a lawyer to craft them for you. But, hear-hear, there are other helpful tools out there such as iubenda, that will help you generate a great privacy policy with a few clicks, also keeping your drafts legally up to date. iubenda is a GamePix partner company and on their website you can compile a custom privacy policy just by adding the “GamePix” module from the list, with the fitting clause integrated. You will also find the AdSense clause ready to be used right away.


Note: this post was written in collaboration with iubenda, an expert for privacy policies on the web and apps.