The good, the bad and the ugly – Privacy Notices explained…

Can anyone really hold their hands up and say they enjoy nothing better than sitting down with a cup of tea to read an organisation’s privacy notice? Do many people read them, or more so, actually understand the content within them?

Make no mistake, privacy notices are a meandering minefield of specialist jargon intentionally cloaking ulterior motives, as PCMag UK put it; “If you read them, you’d probably run screaming from your phone or computer”. We’re so addicted to our electronic devices that we’ll ignore the tome of legal waffle revealing exactly how our data is used, so long as we get another hit of instant communication and entertainment (and who can blame us? There’s only so many hours in the day!) 

VPNoverview conducted a comprehensive investigation into 50 well known brands to unearth the most laborious and unethical privacy policies out there. To read more about their rankings (which considered overall legibility and reading time), head to their website: 

Not only are these legal documents so frustratingly difficult to read that over 60% were considered ‘almost unreadable’ and requiring a University graduate reading level, their ambiguity should give you cause for concern. These legal documents are intentionally vague not only to prevent user comprehension, but to protect the company in the event of legal prosecution. 

Tristan Harris, former data ethicist at Google and co-founder of the Centre for Humane Technology encourages us to remember that when it comes to our electronic devices,  “If we are  not paying for the service then we are the product”. 

Thankfully it’s not all doom and gloom, there are some companies doing us proud! Our favourite privacy policies are simple, easy to read (or watch) and prioritise gaining their customer’s trust. 

A big shout-out to a couple of our favourites; 

  • Not only does their privacy policy begin detailing how to contact them as well as the rights of data subjects, they devote an entire section to ‘keeping children safe online’. We applaud Lego for their overall transparency and simplicity, and of course, for their surprisingly charming companion video. 
  • Easyjet’s privacy notice is the gold standard when it comes to clarity. The segmentation of information ensures widespread comprehension and covers everything a data subject would need to know (in particular Section 7 ‘Sharing Personal Data’, where each organisation with whom they may share your data with is accounted for). 
  • Superdrug knows that most of its customers are unlikely to sit and peruse a lengthy privacy notice, so they offer data subjects both a ‘Short version’ and ‘Long version’ for you to choose from. The ‘short version’ offers their ‘5 Privacy Promises’ which is (probably) the most succinct yet reassuring policy we’ve seen.

If you’re curious to delve even deeper into the world of privacy notices and build your organisation an easy to understand video that explains how you protect data, get in touch with us and we’ll do the hard work for you! 

Get in touch at or give us a call at 0203 3013384 


related posts

Get a Free Consultation