According to the regulation, companies’ privacy policies have to be concise and transparent. This means that writing privacy policies in plain English, presented in a way that’s accessible for non-legal readers, is not a nice-to-have: it’s a legal obligation, clarified in the transparency guidelines.
As the implementation deadline for GDPR approaches, we’ve seen businesses everywhere updating their privacy policies to comply with its requirements, but we see very few that truly meet this standard of readability. Even the most forward-looking businesses fall into bad habits and throw dense text onto the page like it’s going out of fashion. Even Google have let theirs run past 3,000 words – surely they can do better than this!
The principles of legal design always guide us at Juro: start with the needs of end-users and work backwards. Privacy policies post-GDPR and post-#DeleteFacebook must be legal design-friendly, to comply with legislation and to make sure users are informed and happy. Making complex legal documents simple is hard. It’s as much a design challenge as a legal one, and the leading thinkers on legal design can help you visualize the task ahead. It’s a challenge you need to get right to thrive and to stand out post-GDPR.
At Juro, we’re busy running a design sprint on our own privacy notices (more on this soon) – see the steps we are taking here. As customers, employees and suppliers increase their interest in privacy generally, getting this touchpoint right can be a real win for the whole business. Get it wrong, and you might turn customers off before they read it, storing up confusion and even disputes for later on. As lawyers, that’s a risk we have to mitigate. If you have any questions or would like to learn more, book your seat on our upcoming live webinar: Legal design for in house: the GDPR challenge no one is talking about.
With the closing of our latest funding round, find out more about how we will be investing to bring design thinking to contract workflow.