Checkpoints - All pages should contain a privacy link
In the European Union, the pertinent legal framework regarding privacy, and thus and Privacy Policies, is the Data Protection Directive and the ePrivacy Directive. Article 10 of the Data Protection Directive notes that every data subject (user, consumer, etc.) has a right to know who is processing their personal information.
At a minimum, you must inform users about:
Who the processor of the information is. This includes the business’ contact information.
The categories of personal data the business will collect and process through its website or mobile app.
Why is the personal information collected for.
Whether the collected information will be disclosed to third parties.
How the user may exercise their rights further in connection to deletion of information and withdrawal of consent.
This is critical. The only way for the consent of a user to be valid is if the user has been presented with this information.
The checkpoint examines the entire HTML source code of a page and reports if there is no link <href> tag containing the word 'privacy' (adjusted with other languages depending on the country).