Privacy Policy for Squarespace Websites
Squarespace sites collect personal data through built-in features like Squarespace Analytics, Form Blocks, Commerce, and Member Areas. Whether you run a portfolio, blog, or online store, your Squarespace site processes visitor information that must be disclosed under GDPR, CCPA, and other privacy laws. LegalForge generates a Squarespace-specific privacy policy that covers every data collection point on your site.
Generate for Free — No Signup RequiredHow Squarespace Collects Personal Data
Squarespace collects data through several built-in features. Squarespace Analytics tracks page views, traffic sources, geographic data, and device information for all visitors. Form Blocks capture names, emails, and any custom fields you configure. Squarespace Commerce collects billing and shipping addresses, payment details (processed via Squarespace Payments or Stripe), phone numbers, and order history. Member Areas store login credentials, email addresses, and content access logs. Newsletter Blocks collect email addresses for mailing lists. Even a simple portfolio site with no forms collects analytics data that qualifies as personal data under GDPR.
Squarespace Commerce Privacy Requirements
If you sell products or services through Squarespace Commerce, your privacy obligations increase substantially. You collect payment card data (processed by Stripe or Squarespace Payments), billing and shipping addresses, email addresses, phone numbers, purchase history, and potentially tax identification information for digital goods. Squarespace Commerce also integrates with shipping providers (USPS, UPS, FedEx) and tax calculation services, each of which receives customer data. Your privacy policy must list these processors and explain how order data is used and retained. LegalForge covers all Squarespace Commerce data flows when you indicate you run an online store.
Third-Party Integrations on Squarespace
Squarespace supports numerous third-party integrations that affect your privacy policy. Google Analytics and Google Search Console provide advanced traffic data. Mailchimp, ConvertKit, and Squarespace Email Campaigns handle newsletter subscriptions. Social media integrations (Instagram Blocks, Pinterest Save Buttons, Facebook Pixel) set tracking cookies and share visitor data. Scheduling tools like Acuity Scheduling (owned by Squarespace) collect appointment details, names, emails, and phone numbers. Each integration creates a data-sharing relationship that must be disclosed. LegalForge prompts you for the specific integrations your Squarespace site uses.
Adding Your Privacy Policy to Squarespace
Squarespace has a dedicated legal page section. Navigate to Settings > Legal in your Squarespace dashboard to find fields for Privacy Policy, Terms of Service, and other legal documents. Content entered here automatically appears in a legal navigation section. Alternatively, create a standard page, paste your policy, and add it to your site's footer navigation under Pages > Not Linked or Navigation > Footer. For Commerce sites, Squarespace displays your legal pages during checkout automatically when configured in Settings > Legal. This ensures customers can review your privacy policy before completing a purchase.
Ready to Create Your Privacy Policy for Squarespace?
Answer a few simple questions and get a professionally worded document in seconds. Free, no account required.
Start Generating — It's FreeFrequently Asked Questions
Does Squarespace include a privacy policy for my site?
No. Squarespace provides a Settings > Legal section where you can paste your own privacy policy, but it does not generate one for you. The legal section is simply a text field — you need to write or generate the actual policy content. Squarespace's own corporate privacy policy covers how Squarespace the company handles data, but it does not apply to your individual website. LegalForge generates a policy specific to your Squarespace site's features and integrations.
Does Squarespace Analytics collect personal data?
Yes. Squarespace Analytics collects visitor IP addresses, geographic location, browser and device information, referring URLs, pages visited, and session duration. Under GDPR, IP addresses and device fingerprints are considered personal data. Your privacy policy must disclose that Squarespace Analytics is active and explain what it tracks. If you use Google Analytics alongside Squarespace's built-in analytics, both services must be disclosed separately in your policy.
How do I handle cookie consent on Squarespace?
Squarespace offers a built-in cookie banner at Settings > Cookies & Visitor Data. You can enable a simple informational banner or a consent-based banner that allows visitors to accept or decline non-essential cookies. For GDPR compliance, use the consent-based option and ensure it blocks non-essential scripts (like Google Analytics and Facebook Pixel) until the visitor accepts. Link the banner to your privacy policy page for full transparency.
Is Acuity Scheduling data covered in the privacy policy?
If you use Acuity Scheduling (a Squarespace product) on your site, you collect appointment times, names, email addresses, phone numbers, and any custom intake form data. This data is stored by Acuity and shared with your Squarespace account. LegalForge's generator includes Acuity-specific disclosures when you indicate you use scheduling features, covering what data is collected during booking and how it is stored and used.