diff --git a/app/views/layout.html b/app/views/layout.html
index 00e8221..e82e3e3 100755
--- a/app/views/layout.html
+++ b/app/views/layout.html
@@ -31,6 +31,10 @@
       {
         label: "Cookies",
         URL: "/cookies"
+      },
+      {
+        label: "Privacy policy",
+        URL: "/privacy-policy"
       }
     ]
   }) }}
diff --git a/app/views/privacy-policy.html b/app/views/privacy-policy.html
new file mode 100644
index 0000000..411cfd3
--- /dev/null
+++ b/app/views/privacy-policy.html
@@ -0,0 +1,120 @@
+{% extends 'layout.html' %}
+
+{% block pageTitle %}
+  Privacy policy - NHS prototype kit
+{% endblock %}
+
+{% block beforeContent %}
+  {{ breadcrumb({
+    href: "/",
+    text: "Home"
+  }) }}
+{% endblock %}
+
+{% block content %}
+  <div class="nhsuk-grid-row">
+
+    <div class="nhsuk-grid-column-two-thirds">
+
+      <h1>Privacy policy</h1>
+
+      <p>
+      Your privacy is important to us. This privacy policy covers what we collect and how we use, share and store your information.
+      </p><p>
+      This page tells you:
+      <ul class="nhsuk-list nhsuk-list--bullet">
+      <li>
+      about the information we may collect
+      </li><li>
+      how we keep your data secure
+      </li><li>
+      who we share your data with
+      </li><li>
+      about your rights to see or change information we hold about you
+      </li>
+      </ul>
+      <h2>
+      Information we may collect
+      </h2><p>
+      You can leave feedback on some pages of the website or on a user survey. You can choose to share your email address if you want a reply. Otherwise, we collect and store feedback anonymously
+      </p><h2>
+      Cookies
+
+      </h2><p>
+      Our website uses cookies. These are small files saved on your phone, tablet or computer when you visit a website. They store information about how you use the website, such as the pages you visit.
+      </p><p>
+      The law says that we can store cookies on your device if they are strictly necessary to make our website work. For all other types of cookies we need your permission before we can use them on your device.
+      </p><p>
+      Read our <a href="/cookies">cookie policy</a> to find out more about the cookies we use.
+      </p><p>
+      We sometimes use tools on other organisations' websites to collect data or to ask for feedback. These tools set their own cookies.
+      </p><h2>
+      Why we need your data
+      </h2><p>
+      For a number of the activities that we undertake to complete our function, we need to process personal data. We collect certain personal data when you use the NHS prototype kit.
+      </p><p>
+      We collect your data so that we can:
+      </p><p>
+      <ul class="nhsuk-list nhsuk-list--bullet">
+      <li>
+      tell you about work and updates on the kit
+      </li><li>
+      work with you on contributions, where you’ve proposed to add or improve part of the kit
+      </li><li>
+      support you, including both the provision of support and responses to user enquiries
+      </li><li>
+      gather feedback, including gathering it to improve our services, and responding to it, if you have asked us to
+      </li><li>
+      invite you to take part in user research
+      </li></ul>
+      </p><p>
+      We collect your user profile if you interact with us on collaboration tools and platforms.
+      </p><h2>
+      Keeping your personal data secure
+      </h2><p>
+      We convert your data into secure code (encrypt it) and store it on secure servers in England. A partner organisation is providing hosting services but has no say in how the information is used. There are no legal ways for their employees to see the data. Only approved people in the NHS digital service manual team can see it.
+      </p><p>
+      If you shared your email with us as part of a survey, we will delete it after 2 years. At that point no one can identify you in the survey data.
+      </p><h2>
+      Data sharing
+      </h2><p>
+      As part of NHS prototype kit we share your personal data with data processors who provide us with:
+      <ul class="nhsuk-list nhsuk-list--bullet">
+      <li>
+      software collaboration platforms when you share research, feedback or make a contribution
+      </li><li>
+      support providers when you contact us for assistance
+      </li></ul>
+      </p><p>
+      NHS England may share anonymous information on how the service is used with the Department of Health and Social Care, integrated care boards (ICBs), and national governance groups.
+      </p><h2>
+      Legal powers
+      </h2><p>
+      When you give us personal information, we may pass it on if the law says we must.
+      </p><p>
+      If you make a claim against us, we and other third parties such as our solicitors may need to look at this information.
+      </p><p>
+      We will not share your personal information with anyone else without your permission for any other reason.
+      </p><h2>
+      Your rights
+      </h2><p>
+      You can:
+      </p>
+      <ul class="nhsuk-list nhsuk-list--bullet">
+      <li>
+      find out what information we hold about you, ask us to correct it if it's wrong, or delete it by emailing enquiries@nhsdigital.nhs.uk
+      </li><li>
+      contact the Information Commissioner's Office, Wycliffe House Water Lane, Wilmslow SK9 5AF if you want to make a complaint about how we have managed your data
+      </li></ul>
+      <p>
+      NHS Digital (NHS England), 1 Trevelyan Square, Boar Lane, Leeds, LS1 6AE is the Data Controller for the NHS digital service manual under data protection legislation. We will process your data in line with data protection legislation.
+      </p><p class="nhsuk-body-s nhsuk-u-secondary-text-color nhsuk-u-margin-top-6 nhsuk-u-margin-bottom-0">
+      Updated: November 2024
+      </p>
+
+
+
+    </div>
+
+  </div>
+{% endblock %}