This paper presents patterns for privacy policies to be used in web sites, in particular e-commerce and e-business sites. Because of their financial aspects, the users accessing those sites need to provide personal information, and expect integrity, security, and privacy. The patterns are derived from a study of the 33 most accessed e-commerce sites in Brazil, where it was possible to observe that they do not use a systematic approach to develop privacy policies which are clear, friendly, and with relevant contents.