I was asked by Juro to help them create the “best privacy notice in the world”: a privacy notice that users would really read and understand.
Usually privacy policies end up not being read because it takes too much effort, time, and attention. However, GDPR now set a clear requirement to be user-friendly and transparent in privacy notices. Now it’s not a nice to have, it’s something that’s demanded.
So, what design patterns and strategies can we use to avoid information overload, communicate as clearly as possible, and retain reader’s attention?
The short notice
Privacy policies usually contain lots of details, but users want to understand which are the key points and what they mean for them. Meeting this need with a wall of text rarely works. This short version of Juro’s privacy policy, called “Your privacy at a glance”, is a modal window displayed on just one screen of a typical browser. It gives users the key facts first, and eventually they can click through to the full policy if they want to read more. Staging information disclosure in manageable bits is an example of “layered approach”.
Accordion layout
Full privacy notices are usually very long and users have to scroll a lot. That generates user fatigue, particularly on mobile. The accordion pattern helps making the full privacy notice all more compact and visually contained: it presents the most important information at the top, and place further details inside expandable panels – showing an overview first and let readers drill down later. This is another example of layered approach.
PRIVACY TIMELINE
Users understand information better when they can contextualize it within their experience. Talking in general, abstract about what data is collected and how does not resonate with them. Instead, we used a timeline to map out all the privacy-sensitive interactions between the users and Juro. The timeline shows the exact moments when their data is collected, making the whole process more tangible and transparent.
floating menu
It’s good practice to include a table of contents with links to the various sections of the privacy policy, because people often have specific questions that they’d like the document to address. However, these questions may come to mind while they are reading the document and not necessarily at the beginning (where most tables of contents are placed). The floating menu offers a solution to this problem, because the links follow users through the policy.
resources and links
> Read more about the design process of this project
> See the project live: short privacy notice and long privacy notice