Example (you're welcome to copy it):
Save this as pp.html for instance (if using java, below) or any other convenient name to link to. I think the above pretty much covers most things even if it is generic it can be altered to suit. Replace (domain-name.tld) with your domain name (obviously) with a 'find & replace' and make any changes necessary if, for instance you collect email addresses you should include a 'we won''t spam you' statement and what they're used for.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="XHTML namespace">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex, nofollow noarchive" />
<!-- PP START -->
<p>We respect your privacy and are committed to safeguarding your privacy while online at <strong>(domain-name.tld)</strong>. The following discloses the information gathering and dissemination practices for <strong>(domain-name.tld)</strong>.</p>
<p>We may use log files to track visits to <strong>(domain-name.tld)</strong>. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, track user's movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses are not linked to any personal identifiable information.
Note: We may be legally required by law to make log files and other details available, we will comply with such requests upon receipt of official legal documentation.</p>
<h3>What is a Cookie? </h3>
<p>There are two different types of cookies:<br>
1) Session Cookies: These are temporary and are erased when you close your browser at the end of your surfing session. The next time you visit that particular site it will not recognise you and will treat you as a completely new visitor as there is nothing in your browser to let the site know that you have visited before.
2) Persistent Cookies: These remain on your hard drive until you erase them or they expire. How long a cookie remains on your browser depends on how long the visited website has programmed the cookie to last.</p>
<p>For more information on configuring your browser, see <a target="_blank" rel="nofollow" href="http://www.aboutcookies.org/Default.aspx?page=1> or the documentation for your browser. We are not responsible for the content of any third-party websites.</p>
<p>This site does not use beacons, however, advertising services such Google Adsense may use beacons on <strong>(domain-name.tld)</strong>. We have no access to and cannot control these beacon logs.</p>
<h3>What is a Beacon?</h3>
<p>A beacon is a transparent image file used to monitor your journey around a single website or collection of sites. They are also referred to as web bugs and are commonly used by sites that hire third-party services to monitor traffic. They may be used in association with cookies to understand how visitors interact with the pages and content on the pages of a web site.
For example a company owning a network of sites may use web beacons to count and recognise users travelling around its network. Being able to recognise you enables the site owner to personalise your visit and make it more user friendly.</p>
<h2>Google Adsense and the DoubleClick DART Cookie</h2>
<h2>Advertisers and Affiliate Companies</h2>
<p><strong>(domain-name.tld)</strong> uses outside ad companies to display ads, such as Google Adsense. These ads may contain cookies that are collected by our ad companies, and we do not have access to this information. To the best of our knowledge, we follow all ad and affiliate company privacy policies. Please check their websites for respective privacy policies.</p>
<h2>Links to Advertisers and Affiliate Companies Privacy Policies</h2>
<p>This site does not collect or require your email address to use this free service.</p>
<p><strong>(domain-name.tld)</strong> may contain links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our visitors to be aware that when they leave <strong>(domain-name.tld)</strong> to read the privacy statements of each and every web site that collects personally identifiable information. This privacy statement applies solely to information collected by <strong>(domain-name.tld)</strong>.</p>
<p>This service is provided as is, without warranty or guarantee of any kind. The use of this service is entirely at your own risk. We cannot take responsibility for any direct, indirect, accidental or consequential damages or loss, or for any misconceptions resulting from the use of, or inability to use, this service. Your statutory legal rights are not affected.</p>
<p>Copyright © 2010 (domain-name.tld) All Rights Reserved.</p>
<!-- PP END -->
Just use all the bits between the <body> and </body> tags if you want to paste into an existing page to keep the layout of your site
If you don't want it as part of your main site pages then put it on a java pop out script, ideal for mini sites too.
Put this code in the webpage header, before the </head> tag:
You can change the size if required, then put this code were you want to link to it:
window.open("pp.html", "WinE", "width=650,height=600,toolbar=no,scrollbars=yes,resizable=no")
It works for me anyway, I use a variation on pretty much every domain and I don't think I've been penalized yet (touch wood).
@Will - If you use the rel="nofollow" in all the links that should help when using one sites' policy and linking to it.
BTW, for those that wonder, I did copy and paste this from a number of different sources.
EDIT: That didn't go as well as I'd hoped so I've attached a zip copy...