1. Keep it relevant, meaningful, and to the point.
Follow these guidelines for a clear policy:
- Describe how and why you collect personal information, what you intend to do with that information, and under what circumstances you might share that information.
- If you disclose personal information to third parties, explain who those parties are or what services they provide.
- Share the automatic data collection tools you’re using (cookies and other tracking technologies), but don’t stop there. You should also describe how the information users submit will be used and/or disclosed.
The highlights tab covers the most meaningful and relevant information users need to know when it comes to their privacy online.
2. Distinguish yourself from the rest.
- Avoid templates and online example policies.
- Create a policy that follows your brand guidelines (i.e., design, format, colors).
- Use the same tone of voice as in the rest of your website.
3. Use plain language, so not only lawyers can understand it.
Avoid legal terms and explain your practices in a language that any visitor to your site will understand. Go the extra mile and provide summaries or explanations of complex topics, as well as links and references to the full description.
Ensure that the document is as brief as possible while providing the details that people must know. We recommend structuring your policy for ease of reference and making it user-friendly.
Look at the way Apple’s privacy page was structured and how this contributes to its readability.
4. Remember, the choice is always theirs.
Transparency and choice are the core of our data privacy ideology.
You should inform customers about their available options regarding collecting, using, or disclosing their information (e.g., choosing not to share personal data for marketing purposes) and clearly explain how they can exercise those choices.
Explain how they can obtain access to their personal information, request a correction, or the complete deletion of their data. Provide further details through the use of links or pop-up windows whenever a user might need to make a privacy choice.
Lastly, make privacy information easy to find by placing the link in a prominent location on your homepage.
5. Update regularly and make an effort to get feedback.
Actively inform users and customers when the policy is changed, and always include a timestamp of when the last review/update occurred.
Make it easy to reach out to you by sharing details of privacy-specific contacts (e.g., Data Privacy Officers, Data Protection Officer), enabling them to effortlessly raise privacy questions, complaints, or requests.
A great example can be found on Monday.com’s privacy page.
It begins with a personal note from their Data Privacy Officer and includes an email address to give feedback.