Quick Answer: Does ClickFunnels Require a Privacy Policy?
Yes. ClickFunnels requires a visible privacy policy link on any funnel page that collects personal data. Without one, ClickFunnels can suspend or terminate your account. Additionally, privacy laws (GDPR, CCPA, CAN-SPAM) independently require a policy for any funnel that captures leads or processes payments from consumers in regulated jurisdictions.
Does ClickFunnels Require a Privacy Policy?
ClickFunnels explicitly requires funnel owners to include a link to a privacy policy on any page that collects personal information. This includes opt-in pages, order forms, webinar registration pages, and contact pages. ClickFunnels can take enforcement action -- including account suspension -- against funnels that lack this disclosure.
Beyond ClickFunnels' own requirements, applicable law requires a privacy policy in the following situations:
Email list building
Any opt-in form collecting email addresses
Order forms
Any page collecting billing or payment data
EU/UK visitors
GDPR applies to all EU and UK resident data
California users
CCPA thresholds may apply to large funnels
What Data ClickFunnels Collects
ClickFunnels collects data at multiple levels -- both as the platform provider and as the tool through which you collect your own leads' data. Your privacy policy must cover both layers:
| Data Type | Collected By | Your Policy Responsibility |
|---|---|---|
| Opt-in form data (name, email, phone) | You (via ClickFunnels forms) | Full disclosure required |
| Order form data (billing, shipping) | You + payment processor | Disclose, reference processor policy |
| Funnel page analytics (views, conversions) | ClickFunnels platform | Note third-party analytics |
| Traffic source / UTM parameters | ClickFunnels + ad platforms | Disclose ad tracking pixels |
| Session cookies | ClickFunnels platform | Include in cookie disclosure |
| IP addresses | ClickFunnels platform | Covered by ClickFunnels' own policy |
| A/B test behavioral data | ClickFunnels platform | Disclose use of split testing |
Order Forms and Payment Data
ClickFunnels integrates with Stripe, PayPal, and other payment gateways to process orders. When a customer completes a purchase through your funnel, data flows through multiple systems:
What You Receive as the Funnel Owner
- Customer name and email
- Shipping/billing address
- Product purchased and amount paid
- Transaction ID (not the full card number)
- Purchase timestamp and funnel source
What Payment Processors Handle
Stripe and PayPal handle card data directly under their own PCI-compliant systems. You do not receive raw card numbers. However, your privacy policy must still:
- Name Stripe and/or PayPal as data processors
- Link to their respective privacy policies
- Explain what order data you retain and for how long
- State the legal basis for processing payment data (contract performance)
One-Click Upsells (OTO) and Order Bumps
ClickFunnels' upsell and order bump features process additional charges using stored payment credentials. Your privacy policy should note that:
Did you know?
When customers accept a one-click upsell, their payment details are passed to the processor again. Many funnel owners forget to disclose that stored payment credentials from the initial order may be used to process upsells without re-entering payment details.
Follow-up Funnels and Email Marketing
ClickFunnels 2.0 includes Follow-up Funnels (formerly Actionetics), a built-in email marketing system. If you use Follow-up Funnels or integrate an external email platform (ActiveCampaign, Klaviyo, Mailchimp, AWeber), your privacy policy must cover:
Email platform used
Name the email service you use (ClickFunnels Follow-up Funnels, ActiveCampaign, etc.) and explain they process subscriber data on your behalf.
Types of emails sent
Specify whether you send transactional emails (receipts, confirmations), marketing emails (promotions, launches), or automated sequences.
Behavioral tracking
Email platforms track opens, clicks, and conversions. Disclose this email-level behavioral tracking in your policy.
Unsubscribe mechanism
CAN-SPAM and GDPR both require you to honor unsubscribe requests. State how quickly you process them (within 10 business days per CAN-SPAM).
International data transfers
US-based email platforms (ClickFunnels, ActiveCampaign) may transfer EU subscriber data outside the EU. Disclose Standard Contractual Clauses or other transfer mechanisms.
GDPR and CCPA Compliance for ClickFunnels
GDPR Requirements for EU Lead Funnels
If your ClickFunnels funnels target or receive leads from EU or UK residents, GDPR applies regardless of where your business is based:
- Add an unchecked consent checkbox to all opt-in forms (pre-checked boxes are not valid under GDPR)
- State specifically what subscribers are consenting to ("I agree to receive marketing emails...")
- Store consent records: timestamp, IP address, form version, and consent text
- Provide a clear, prominent link to your privacy policy on every form page
- Honor data subject access requests within 30 days
- Honor deletion requests ("right to be forgotten") within 30 days
ClickFunnels and GDPR Compliance Tools
ClickFunnels 2.0 includes GDPR-specific features including consent checkboxes and a cookie banner. However, you must configure these yourself -- they are not enabled by default. Always verify your funnel's GDPR settings before running traffic from the EU.
CCPA Requirements
CCPA applies if you collect data from California residents and your business meets certain thresholds. For ClickFunnels funnel owners, key CCPA obligations include:
- Disclose categories of personal information collected through your funnels
- State the business purpose for each category
- Disclose whether you sell or share customer data (e.g., to affiliate networks)
- Provide a "Do Not Sell My Personal Information" link if you share data for advertising
- Respond to consumer rights requests within 45 days
Where to Add Your Privacy Policy Link in ClickFunnels
Best practice is to link your privacy policy from multiple locations within your funnels:
| Location | Why | Priority |
|---|---|---|
| Footer of every funnel page | Global visibility, legal standard | Required |
| Near opt-in form submit button | Transparency at point of collection | Required |
| Order form page footer | Payment data collection disclosure | Required |
| Thank you page footer | Post-conversion confirmation | Recommended |
| Email footer (Follow-up Funnels) | CAN-SPAM and CASL compliance | Required |
| Webinar registration page | Event registration data collection | Required |
In ClickFunnels 2.0, you can add a footer to your page templates globally so every funnel page automatically includes the privacy policy link. Go to your page editor, add a footer section with navigation links, and include "Privacy Policy" linking to your hosted policy URL.
What to Include in Your ClickFunnels Privacy Policy
1. Business Identity
Your name, business name, email address, and physical address for legal notices.
2. Data Collected
Name, email, phone (opt-in forms); billing address, transaction data (order forms); behavioral data (page views, email opens, link clicks).
3. Legal Basis for Processing
Consent (marketing emails), contract performance (order fulfillment), legitimate interest (funnel analytics, fraud prevention).
4. How Data Is Used
Sending ordered products or digital access, sending marketing emails, running retargeting ads, improving funnel performance.
5. Third-Party Processors
ClickFunnels (platform), Stripe/PayPal (payments), your email platform, ad networks (Facebook, Google), analytics tools. Link to each provider's policy.
6. Affiliate Data Sharing
If you use ClickFunnels' affiliate program or share leads with JV partners, disclose what data is shared and under what circumstances.
7. Data Retention
How long you retain lead records, order history, and email subscriber data. Account for legal retention requirements for financial records (typically 7 years).
8. User Rights
Right to access, correct, delete, or port personal data. Provide a contact email for requests. State your response timeframe.
9. Cookie Disclosure
ClickFunnels uses session cookies and tracking cookies. Disclose any ad tracking pixels (Meta, Google, TikTok) you add to your funnel pages.
10. Policy Updates
State how you will notify subscribers of material changes to the policy.
5 Common ClickFunnels Privacy Policy Mistakes
Pre-checking the GDPR consent checkbox
GDPR requires explicit, freely given consent. Pre-checked opt-in boxes are invalid under GDPR and can result in fines up to EUR 20 million or 4% of global turnover.
Not disclosing all ad tracking pixels
Meta Pixel, Google Ads, TikTok Pixel -- each tracks visitor behavior for ad retargeting. Each must be named in your privacy policy and covered by a cookie consent mechanism.
Forgetting to link the policy from email sequences
Every marketing email sent through Follow-up Funnels or your email platform must include an unsubscribe link and your privacy policy link in the footer. This is required by CAN-SPAM and CASL.
Not updating when adding new integrations
Adding a new payment processor, email platform, or analytics tool means updating your privacy policy. Many funnel owners add ActiveCampaign or Stripe without updating their policy.
Using a generic template that doesn't mention ClickFunnels
Generic privacy policy templates do not cover ClickFunnels-specific data practices like Follow-up Funnel behavioral tracking, one-click upsell data reuse, and ClickFunnels' own data collection.
Frequently Asked Questions
Does ClickFunnels require a privacy policy?
Yes. ClickFunnels requires a visible privacy policy link on any funnel page that collects personal data, including opt-in pages, order forms, and contact forms. ClickFunnels can suspend accounts that violate this policy. Applicable privacy laws also independently require a privacy policy for any funnel that collects personal information.
Where do I add a privacy policy link in ClickFunnels?
In ClickFunnels 2.0, add a footer section to your page templates with a 'Privacy Policy' text link pointing to your hosted policy URL. This ensures all funnel pages include the link. Also add it near any opt-in or order form submit button for maximum visibility and compliance.
What data does ClickFunnels collect?
ClickFunnels collects lead information submitted through your opt-in forms (name, email, phone), order data processed via Stripe/PayPal (billing details handled by the processor), funnel analytics (page views, conversions, traffic sources), and session cookies. As the funnel owner, you receive the lead and order data; ClickFunnels retains platform analytics.
Do I need GDPR consent for ClickFunnels opt-in forms?
Yes, if you collect email addresses from EU or UK residents. GDPR requires an explicit, unchecked opt-in checkbox near your form stating exactly what subscribers are signing up for. Store consent records (timestamp, IP, form version) and honor access and deletion requests within 30 days. ClickFunnels 2.0 has built-in GDPR consent checkbox features you should configure.
Does ClickFunnels share my customers' data?
ClickFunnels shares data with third-party service providers necessary to operate the platform (Stripe, PayPal, infrastructure providers). ClickFunnels' own policy governs these. As the funnel owner, you control your leads' data and must disclose any sharing you do -- such as with joint venture partners, affiliate programs, or ad retargeting platforms.
Generate Your ClickFunnels Privacy Policy
Create a customized privacy policy covering your ClickFunnels funnels, opt-in forms, payment processors, Follow-up Funnels email sequences, and ad pixels -- in under 2 minutes.
Generate My Privacy Policy Free