Yes, you do need a privacy policy. The days when some websites or apps could get by without one are long gone. No website or app should appear on the internet without a privacy policy.
And that is just one element of compliance with data protection laws.
The privacy policy is a document that describes your data privacy practices to users. You need to be transparent with them and this is how you provide such transparency.
Some laws explicitly require a privacy policy, while others require transparency where having a privacy policy is the most practical way to be transparent.
To sum it up, you need a privacy policy for your website or app as soon as they get to the internet.
Having some text named privacy policy on your website is not enough for compliance.
There are two things you have to keep in mind:
A privacy policy is not all you need for compliance with the relevant data protection laws. It almost never is.
The only exception is if you are based in the United States and all your users come from the United States or another country with non-comprehensive or non-existent data protection law. In any other case, having a privacy policy is not enough.
This post originally appeared in the second issue of my newsletter Bite-Sized Legal. You can sign up here.
Good advice, Petar! Keep it up! :)