top of page
Search

Privacy notice do's and don'ts

  • Writer: Gayle Parker
    Gayle Parker
  • 3 days ago
  • 4 min read

Privacy notices are a key part of how businesses communicate with their customers about data protection. They explain what personal data is collected, why it is collected, and how it will be used. Getting your privacy notice right is essential for building trust and staying compliant with laws like the GDPR.


In this post, I will share practical do's and don'ts for creating clear, effective privacy notices. I will also mention some useful services that can help you manage your privacy notices and data protection obligations with ease.



What is a privacy notice and why does it matter?


A privacy notice is a statement that tells people how their personal data is handled. It should be easy to find, easy to understand, and transparent about your data practices.


People want to know:


  • What data you collect

  • How you use it

  • Who you share it with

  • How long you keep it

  • Their rights over their data


If your privacy notice is confusing or missing, customers may lose trust or complain to regulators. A clear notice helps you avoid fines and shows you respect privacy.



Do's for writing a good privacy notice


Use simple, clear language


Avoid legal jargon or complicated terms. Write as if you are explaining to a friend. For example, instead of "data subject," say "you" or "your personal data."


Be transparent and honest


Tell people exactly what you do with their data. If you share data with third parties, say who and why. If you use cookies or tracking, explain it clearly.


Make it easy to find


Place your privacy notice where people expect it, such as your website footer or during sign-up. It should be accessible without hunting around.


Keep it up to date


Review your privacy notice regularly, especially if your data practices change. Outdated notices can cause confusion and compliance issues.


Include all required information


Make sure you cover all the basics required by GDPR and other laws. This includes your contact details, legal basis for processing, data retention periods, and rights of data subjects.



Don'ts for writing a privacy notice


Don't bury important information


Avoid hiding key details in long paragraphs or legalese. People should not have to dig through pages to find out what happens to their data.


Don't use vague terms


Phrases like "we may share your data" or "we use data to improve services" are too vague. Be specific about who you share data with and for what purpose.


Don't overwhelm with too much detail


While transparency is important, avoid overloading your notice with technical details or lengthy legal text. Balance clarity with completeness.


Don't ignore user rights


Make sure you explain how people can access, correct, or delete their data. Ignoring this can lead to complaints and loss of trust.


Don't forget to link to your privacy notice


If you collect data through forms or apps, always provide a clear link to your privacy notice nearby.



Eye-level view of a printed privacy notice document on a wooden desk
Privacy notices help build trust


How privacy notice services can help


Managing privacy notices can be tricky, especially for businesses handling lots of data or multiple websites. That’s where services like ByDesign Privacy come in handy.


ByDesign Privacy offers expert support to help businesses create, update, and manage privacy notices that comply with GDPR and other regulations. Their service includes:


  • Drafting clear, tailored privacy notices

  • Regular updates to reflect legal changes

  • Guidance on data protection policies

  • Support for Data Protection Officer (DPO) roles


Using a service like this can save time and reduce risk. It also helps embed privacy into your business culture, building trust with your clients.



Comparing privacy notice tools and services


If you are looking for tools to help with privacy notices, here are two options to consider:


ByDesign Privacy


  • Focuses on GDPR compliance and data protection consulting

  • Offers tailored privacy notice creation and updates

  • Provides ongoing support and DPO services

  • Ideal for businesses wanting expert guidance and a trusted partner



Generic Privacy Notice Generators


  • Online tools that create basic privacy notices based on your inputs

  • Usually free or low cost

  • May not cover all legal requirements or specific business needs

  • Good for small businesses with simple data practices


While generators can be a quick fix, they often lack the depth and personalisation that a service like ByDesign Privacy provides. For businesses serious about compliance and trust, expert help is worth considering.



Close-up of a laptop screen showing a privacy notice editing interface
Close-up of a laptop screen showing a privacy notice editing interface


Practical tips for embedding privacy notices in your business


  • Train your team on the importance of privacy notices and data protection

  • Link your privacy notice in all customer touchpoints: website, emails, apps

  • Use clear headings and bullet points to make the notice easy to scan

  • Provide contact details for privacy questions or complaints

  • Regularly review and update your notice as your business evolves


Remember, a privacy notice is not just a legal requirement. It is a way to show your customers you care about their privacy and data security.



Final thoughts on privacy notice do's and don'ts


Writing a good privacy notice takes effort but pays off in trust and compliance. Use clear language, be honest, and keep your notice easy to find and understand. Avoid vague or hidden information, and always explain user rights.


If you want to make this easier, consider working with a service like ByDesign Privacy. They can help you create privacy notices that fit your business and keep you on the right side of the law.


Privacy notices are your chance to build trust. Make them count.



 
 
 

Comments

bottom of page