Everyone is confronted with privacy policies all the time — they’re found in all the apps on your phone and all the websites you visit.
But when was the last time you read through these policies before accepting them?
If you’ve ever tried reading them, you might have noticed that they can be very difficult to understand. So, you might now be wondering if there’s any point in putting in the effort to read these policies.
In this article, we’ll talk more about the language used in privacy policies and how companies can improve them.
That’s because people tend to rely on factors like context, experience, and their perception of the company as the basis for what they think they’re authorizing.
The research also found that even if consumers DID read privacy policies, interpretations would differ and may not be the same as the conventional legal interpretations.
How Often Do Consumers Read Privacy Policies?
Not often. In fact, 87% of consumers DON’T read privacy policies before accepting them.
On top of that, there’s usually a huge gap between the language used and the users who they should be targeting.
Another reason consumers don’t bother reading these documents is simply that they want to use the service.
You might also notice that companies rarely give consumers a choice to NOT agree to their privacy policies.
If you don’t accept their policies (or even updated policies), the site or app might stop working. In some cases, your account might even be terminated.
Why Is It Hard to Read Privacy Policies?
Most people don’t like reading privacy policies because they’re LONG.
On top of that, users have a hard time understanding jargon such as “API,” “cookies,” and “third-party data.”
It’s also worth noting that at least college-level reading ability is needed to grasp the language used in privacy policies.
Aside from the hard language, these documents are sometimes vaguely worded — making it harder to understand what they’re collecting from you, how they’re doing it, and what they’re going to do with the data they collect from you.
How Can Companies Improve Their Privacy Policies?
The most important idea in improving privacy policies is to make them consumer-centric.
Essentially, that means using concise, clear, and plain language so they’re easily understandable.
You might have also noticed that privacy policies can go on for a few pages or to the point where the scroll bar at the side becomes very short.
If you take the time and effort to look through the whole thing, you’ll realize that it’s an all-encompassing document. That means you get everything from how the app/site handles personal information to rules regarding signing up for the email newsletter subscription.
As such, to make them friendlier to readers, companies can break their long privacy policies into smaller chunks and give them at relevant times.
For example, if a person has just hopped onto the site, then it’s fine if the company ONLY shows information regarding:
- How the visitor’s IP address is handled
- If their activity on the site is shared with advertisers
- If they can decline to get interest-based ads
Additional privacy policies are especially important if companies are collecting and handling information that is unexpected in the perception of the consumers.
For instance, you know that a fitness tracker will track your steps. However, do you know that it’s possible for the company to collect and share that data with third parties?
In cases like those, companies should give out notices, asking users for permission — while also allowing them to opt out WITHOUT affecting how they interact with the app/site.
You might already be noticing these types of pop-ups with Apple and Google. These usually involve asking permission for a certain app to access your device’s location, camera, contacts, and such.
Are There Laws on Privacy Policies?
Yes, there are laws on privacy policies — more specifically, on data PRIVACY. The U.S. and Europe have the most comprehensive data security and privacy laws in the world.
Europe has the General Data Protection Regulation (GDPR), which improves how EU citizens can access information about themselves while also limiting what companies can do with personal data.
The GDPR has seven main principles applied across 99 individual articles:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Storage limitation
- Integrity and confidentiality
In the U.S., there are a few states that have COMPREHENSIVE data privacy laws. These include:
Among them, California is the forerunner with the California Consumer Privacy Act (CCPA).
This Act gives California residents the right to demand from businesses the type of data collected from them, why it’s being collected, and how it will be collected from them.
Of course, we should establish WHY privacy policies are important in the first place as well.
These documents are essentially for three different groups of people:
For companies, these policies are a way of showing people that they comply with legal and regulatory notice requirements.
Meanwhile, regulators use privacy policies to investigate and enforce compliance with regulations.
As for consumers, these documents serve to PROPERLY inform them regarding:
- The kinds of data collected from them
- How the data is collected from them
- What the company will do with the collected data
Privacy policies should make consumers feel confident that their data is in safe hands.
Frequently Asked Questions
Privacy policies are vital to keeping personal information safe and ensuring that companies can keep the trust their customers give them.
Below, we’ve answered a few related questions on privacy policies:
Meanwhile, a privacy notice informs consumers how the company they’re interacting with will collect and use the information collected from them.
However, privacy notices may also be referred to as privacy statements, fair processing statements, and even privacy policies at times.
What Do Companies Do With the Data They Collect?
Companies draw insights from the data they collect.
These insights are typically used to improve customer experience and enhance a company’s marketing strategy.
By collecting the right types of data, a company can individualize user experience. Some examples are creating special offers and customized promotions that will appeal to people.
It also allows companies to PREDICT what consumers want based on what they’ve done — such as which marketing campaigns they previously engaged with or which products and services they availed.
Going deeper, companies can even sell the data and secure more sensitive information.
An example of using data to get more data is when banking institutions ask for voice recognition or other biometric data to authorize a person to access their financial information.
We’re currently living in an era of technological innovations. As such, it’s important to have privacy policies that are up-to-date.
Unfortunately, these documents are very difficult to grasp since they normally require at least college-level reading skills to understand. They’re also very long.
Companies can make their privacy policies more customer-friendly by using simpler words and dividing them into chunks — which they can present at the right times.
It’s also worth noting that there are laws in place that require companies to have robust privacy policies to better protect consumers and their personal data.