Sam Williams | April 16, 2020
If you’re a business or organisation, a privacy policy is often a legal requirement. When you collect personal information from someone, you must tell them what you’re collecting and what you’ll use it for. A privacy policy on your website is a convenient way to do this.
But have you read your privacy policy lately? It may be legalistic and difficult for your customers to read, as many privacy policies are. A plain-language privacy policy, on the other hand, will bring real benefits for both you and your customers.
If your customers can’t trust you with their personal information, they won’t do business with you. Trust is especially important when you offer goods and services online, where you aren’t interacting with your customers face to face. Your privacy policy is a way to encourage and protect trust.
New technology, new laws, and high-profile data breaches are making privacy a greater concern to the public. Trust is more important than ever — but New Zealanders aren’t sure who they trust. In a 2018 survey, the Office of the Privacy Commissioner found that only one-third of New Zealanders trusted companies with their personal information, while two-thirds trusted government organisations.
Plain language will help you build that trust. Researchers for the Association of Information Systems found that the more someone believes they understand a privacy policy, the more they trust the website.
Read more about the Office of the Privacy Commissioner’s survey
Read more about the research on how readability affects trust
It’s easy to just see privacy as a law you have to comply with, and write your privacy statement accordingly. It’s a legal requirement, so you use the language of the law. But your privacy statement isn’t for lawyers or regulators — it’s for your customers.
This legal focus is common across all kinds of businesses. In 2015, the Center for Plain Language found that Twitter’s privacy policy focused more on ‘addressing the legal needs of the company than helping the consumer protect her privacy’.
Think of your privacy statement as a way to fulfil a consumer right, rather than a legal box to tick. Your goal is to help your customers understand what you’ll do with their personal information. It’s perfectly possible to write for your readers while still complying with the law.
Download the Center for Plain Language’s analysis of privacy policies (PDF, 379KB)
In our experience, some agencies use needlessly complex language because they’re worried they’ll scare customers. For example, we’ve seen agencies that are reluctant to clearly state who they share personal information with, or that they store personal information in cloud servers overseas.
We’ve heard a common explanation: ‘What we do may be common and legal, but our customers don’t know that. If we tell our customers, they’ll think we’re doing something unusual or unacceptable.’
This approach may backfire when your customers find out you’re doing something with their information that they didn’t expect. And if what you’re doing sounds off-putting when you explain it clearly, it could be a sign that you need to reconsider your practices.
If you give your customers enough clarity and context to understand what you’ll do with their personal information, you may avoid surprising or upsetting them later.
So a clear privacy policy is useful, but only if people are going to read it! A 2008 study found that it would take the average person more than 200 hours to read all the privacy policies for all the websites they visit each year. Nobody has that time to spend.
And sometimes privacy policies are hard to find — the link to yours might be hiding in the footer of your website, in a tiny font. Letting your privacy policy sit passively on your website means your customers aren’t going to get the benefits of plain language. And you aren’t going to get the benefit of your customers’ trust.
Read more about the 2008 study on reading privacy policies
Actively tell your customers how you’ll collect and use their information, and you’ll actively earn their trust. Whenever you collect personal information on your website, clearly explain what you’ll use it for, and where your customers can learn more.
Below is an example that shows how you can use language and formatting to obscure or reveal privacy practices.
To download the document, you have to subscribe to the mailing list. But that isn’t immediately obvious in this image. At first glance, you may think you just have to enter your email address. The only mention of subscribing is in significantly smaller text, underneath the main messages and the download button.
The term ‘subscriber database’ is quite vague. And it says you can unsubscribe at any time, but it doesn’t actually tell you how to unsubscribe. Readers might also want to know where they can learn more.
Below is the same example, changed to be more privacy-friendly.
It’s becoming impossible to take part in day-to-day life without giving up more and more personal information. As a result, people may feel overwhelmed by dense privacy policies and find it harder to make informed choices.
You can help your customers by making it as easy as possible to understand how you collect and use their information. In return, your customers will reward you with their trust, and their business.
Sign up for Plain Language Foundations at Write Online to learn the basics of plain language and start making your privacy policy clear for your customers.
Register for our legal writing workshop to learn evidence-based principles for writing legal documents in plain language.
Contact us and ask us to rewrite your privacy policy for you.
Read our recent blog post on how clear language can help institutions win back trust.
Our blog also has plenty of tips to help you write in plain language while still being legally sound.