Can the website of the Privacy Icons Forum (PIF) serve you a boilerplate, boring and incomprehensible privacy policy – as most other websites do? Of course not! This is the reason for our efforts over the past several months to redesign the first version of our privacy policy in an iterative manner.

Our goal? The PIF’s privacy policy should be transparent – this means clear, simple and visualized with icons, in line with Article 12 of the GDPR. To reach this goal, we redesigned its content and applied a mix of information design patterns.

First, we structured the privacy policy according to the processing purposes, since they are the starting point for almost any further legal requirement in European data protection laws. This is the reason for clearly defining, for each specific purpose, the data that is processed, the legal basis on which processing relies, and the duration of data storage. Additionally, we mentioned and explained the specific rights of data subjects with respect to each purpose. Structuring the document according to the different processing purposes helps the reader to understand why certain information is collected. It also creates a modular structure that can be easily replicated in other privacy policies.

Second, we worked on language. We removed any unnecessary legalistic or technical expressions and replaced them with words from our everyday vocabulary. We shortened the text to provide only essential information. We also gave examples to explain those expressions that we could not simplify. We used a conversational style that distinguishes between “we” (the website owners) and “you” (the website visitor): We clarified what we do and what our responsibilities are concerning your personal data and your rights. These strategies allow us to inspire trust by being concrete about what we do with the data, while being friendly with our website visitors.

Third, we enhanced the navigability of the document by providing a summary of its main points at the top of the page: The summary functions as the first layer of the privacy policy by presenting a short overview of its content without needing to read the whole text. We further placed a table of contents that anticipates what can be found in the document and provided navigable links allowing users to jump to the section they want to read. In addition, we structured the document in the form of skimmable headings formulated as questions (FAQs) to allow readers to easily find the piece of information they are looking for. The visual prominence given to key information allows readers to skim the document by simply following the words in boldface throughout the text. Enhancing document navigability allows readers to get an idea of the content of the privacy policy at a glance without being obliged to read thoroughly.

Fourth, sections are structured as accordions: They can be expanded on request and thereby lighten an otherwise long text. Similarly, information that is not necessary is hidden in a second layer under a “read more” label or an “i” icon, so that readers who desire that extra bit of information can expand and explore those sections. This renders the document comprehensive without being at the same time lengthy and heavy. Since this dynamic display of information might lead to interaction issues for visitors whose browsers do not support JavaScript, we also included a link to the full-text version of the document for accessibility.

Lastly, we redesigned the visual layout by placing companion icons next to headings and sub-headings in order to ease navigation. Icons give readers an overview of the document and help them to quickly search and find specific pieces of information. The use of icons is consistent throughout the document, so that one pictogram always stands for a certain concept and fosters its recognition. We chose our pictograms from among the Free Icons from the Streamline Icons Pack. Please be aware that this specific selection of icons is not based on scientific research and will probably evolve in the future.

All these improvements were made on WordPress. To include a multi-layer structure in our WordPress setup, we used the plugin ShortCodes Ultimate, which allows for easy inclusion of accordions, information icons, and other ways of dynamically expanding the information shown through the page editor. The navigation menu is generated by the Easy Table of Contents plugin, which we managed to include in the sidebar after some fiddling with the .php files of the theme and a few specific additions in the page’s HTML and CSS files. (A blog post on the technical process is coming soon!)

Was it quick and easy? Not at all! It required the efforts of a 6-person team with expertise ranging from data protection law to computer science, user experience and psychology, having discussions over several months. The experience was illustrative for academics who usually do not need to confront directly the regulatory burden imposed by data protection law – as companies and website operators often do.

Was it worth it? Yes, definitely! Our goal is to provide website operators with useful and re-usable resources that can be easily applied in their websites. While doing so, however, website operators must be aware of the need to adapt these resources to their specific environment and practices. Please note that the intention is not to provide legal consulting and we do not provide any warranty with respect to our texts and recommendations.

To facilitate use and sharing, the text of the privacy policy is licensed under the Creative Commons Attribution 4.0 International License, which enables anyone to copy and change it, as long as the Privacy Icons Forum is mentioned (attribution). The CC-Licence does not apply to the icons used in our policy; the icons are licensed under the Linkware license.

Please send us your comments via the contact form; we are eager to learn how we can do better!

The PIF Team

Useful resources:

    • Rossi, A. et al. (2019) ‘When Design Met Law: Design Patterns for Information Transparency’, Droit de la Consommation = Consumenterecht : DCCR, (122–123), pp. 79–121. Available online
    • Article 29 Data Protection Working Party (2018) Guidelines on transparency under Regulation 2016/679, 17/EN WP260 rev.01. Available online