No, sorry, I sure did not.
Now that I’ve begun to explore privacy policies from a web content writing angle, I wish I could say that I’d crawled into bed with a good one. But the truth is, privacy policies pretty much universally suck.
Why they suck is a little complex, but it basically boils down to websites having to be transparent about data collection practices they’d rather not discuss.
Think of the disclaimer you’d find at a shooting range (the one that says they’re not responsible if you decapitate yourself with an Uzi.) It’s only there because it has to be.
But unlike that disclaimer, which is short and sweet, website privacy policies tend to stand out for their torpor-inducing, abstraction-filled legalese, which, in full flower, is almost a form of reading torture. If they’re in maximum obfuscation mode, like Facebook’s 4,200-word policy, they can even demand more brain power to decipher than Stephen Hawking’s A Brief History of Time.
Couple that with tiny font sizes and lack of styling, hierarchy or voice, and you’ve got a document that is literally designed not to be read.
This is not just a shame. It’s actually dangerous.
Which brings us to the main problem of website privacy policies: the writing under the hood.
Granted, privacy policies are usually written by lawyers, and we don’t expect lawyers to write Dan Brown novels. But then again, should lawyers be writing the final versions of the privacy policies that end up on our websites?
Short answer: No, they shouldn’t. You should write them—at least the final versions—and here’s why.
Why you should write your own website privacy policies
You educate yourself
You work towards a more transparent web
You create a more consistent user experience
And that is more winning than Charlie Sheen and a brick of Colombian nose whisky.
Some of what you’ll learn is actually eye-opening. Like the fact that Google collects and stores heaps of our data, but doesn’t give it to anyone else (unless you ask them to or a government has a legitimate reason to ask them to), while Facebook deals in data like Jawas deal in used droid parts.
Maybe you knew that users actually have the right to have their data wiped clean from the websites they visit, or given to them in a file so they can see exactly what you’ve collected about them. I didn’t—not before I started researching website privacy policies.
Probably not, unless you’re Edward Snowden. So we don’t recommend attempting it.
What you can do, in lieu of hiring a lawyer (or sending Edward Snowden an encrypted fan email), is this.
Unless you’re writing a website for a company that deals in information (media, tech, etc.), this should be pretty straightforward. We’re talking about the types of data your website collects, the instruments it uses to collect it, why it’s collecting data and how that data will be used.
For our website, for instance, we use Google Analytics, the Facebook pixel and MailChimp.
We use Google Analytics to tell us who’s visiting our site. We use the Facebook pixel to tell us who’s responding to our ad campaigns, and we use MailChimp to keep track of who’s opening our emails.
This, in a nutshell, is visitor tracking, and we don’t get much more sophisticated than that. If you do, you may need to journey further down the privacy rabbit hole to explain it to your readers.
Finally, and maybe even more important for anyone using the websites you write, you’ll need to lay out your users’ data rights and give them a place to contact you in case they have questions.
See what’s out there.
Once you know what you need to write, take a look at other reputable websites offering similar services to the one you’re writing and see how they do it. Locate the content you need (from your checklist above), identify the main ideas, check them against GDPR standards, and rewrite them from the ground up in your own voice.
Chances are, chunks of any policy you find online will have much in common with the policies of most other websites you’ve interacted with, because, for the most part, that content is the same.
Make it pretty.
Here’s how you should do it.
Crack open your favorite IPA, crank the air conditioning way up, set your tablet to night mode and click here.
Links to further reading
When Max Sheridan isn't drinking IPAs or curling up in bed with privacy policies, he designs comeback campaigns for Nicolas Cage. (What, you don't think he needs a comeback campaign?) His second novel Hubble is coming fall 2020 from Run Amok Books. Talk to Max at your own risk here.