In the European Union, the General Data Protection Regulation, or GDPR, is about to go into effect. Beginning May 2018, all companies operating in the EU will be required to adhere to this regulation. The GDPR aims to strengthen privacy protections for consumers and make data protection more robust and consistent.

One important aspect of the GDPR is privacy notices. Under this new regulation, old school privacy notices must be replaced with privacy information notices that are concise, easy to understand, and written in plain language. In other words, they must be highly readable. Legalese and jargon are not allowed.

Specifically, the GDPR states that privacy information notices must be “concise, transparent, intelligible and easily accessible; written in clear and plain language, particularly if addressed to a child.”

This is meant to eliminate the problem of consumers being forced to sign privacy notices that are longer and more complicated than a legal contract. Instead, consumers will know exactly what a privacy notice means for them. They will know how their privacy is affected by the products and services they buy. Companies that don’t comply with the GDPR will face steep fines and penalties.

What does this mean for US Companies?

Even if your company or website is based in the United States, you may be affected by the GDPR. If your consumers are in the EU, then you must adhere to this new regulation. This applies even if your company is incorporated in the United States, and has no physical presence in Europe.

Simply put: if you gather data from EU citizens, then this regulation applies to you.

What if your business or website only has customers in the United States? In that case, you aren’t required to comply. However, it’s still a good idea to make your privacy notices easier to read for a variety of reasons:

  • Easy to read privacy notices make you appear more trustworthy. Consumers know you don’t have anything to hide. This helps them trust you with their private information and data, and makes your business look more credible overall.
  • Privacy notices that are easy to comprehend are becoming a best practice in the U.S. and abroad. Getting ahead of this growing trend is a great idea.
  • There is always a possibility that the United States will adopt a similar regulation. More readable privacy notices are popular with consumers. Politicians know that consumers are worried about their data being mined, sold, and shared.
  • If your business expands and you gain European customers, you will already be compliant with this aspect of the GDPR. You won’t have to worry about fines or penalties, or need to scramble to become compliant.

Making privacy notices more readable

Luckily, making your privacy information notices more readable isn’t difficult. The best approach is to calculate the Flesch Reading Ease score and improve it as needed. This is the most widely used and reliable way to check a document’s readability.

Readable.io recommends that you aim for a Flesch Reading Ease score of 45 or better. This is also the score recommended by the GDPR, as well as other organizations. For example, in Florida, all insurance contracts are explicitly required to meet this minimum readability score. Focusing on this score removes all the guesswork.

Improving readability: the step-by-step process

Using Readable.io to improve the readability of your privacy information notice can be tackled in a few simple steps:

  1. Copy your current privacy policy verbiage into the Readable.io text box.
  2. Click on “Measure Readability.” (See screenshots below.)
  3. Check your Flesch Reading Ease score.
  4. Edit your text by shortening sentences and using simpler words.
  5. Rescore your text, and repeat until you reach your target readability score of 45 or better.

Let’s look at Step 4 in more detail, since this is the most important step. The Flesch Reading Ease score is determined by two factors: average number of words per sentence and average number of syllables per word. Shorter words and shorter sentences = more readable text.

Here are a few ways to improve your score until your privacy notice is readable enough:

  • Make your sentences shorter and more concise.
  • Use shorter and simpler words.
  • Focus on the highlighted text that’s displayed in the Readable.io text box, after the text has been scored. The highlights are color-coded to help you quickly identify each specific type of issue, and fix it. (For example, long sentences are highlighted in one color, long words in another).
  • Follow any pop-up tips in the text box. (When you hover the cursor over the text, a tooltip pops up with specific advice.)
  • Avoid legalese and jargon, or any other complicated language.
  • Switch from passive voice to active voice.

An example of a privacy notice that needed readability help

To help you understand exactly how Readable.io can help make your privacy notice much easier to read, we thought we’d show you an example. This sample privacy notice originally scored 39 on the Flesch Reading Ease scale, and a “D” rating on Readable.io, as you can see on these partial screen captures. (The “D” rating is Readable.io’s proprietary score, used to quickly assess overall readability. This rating is particularly useful when you’re prioritizing multiple documents that need to be improved. It’s heavily weighted on the Flesch Reading Ease score, along with other readability factors.)

Here is the “before” picture of the example document scoring, before any editing.

Looking at the Text Statistics in the results, we see that some of our sentences are very long. We know from the Flesch Reading Ease formula itself that sentence length has a somewhat bigger impact on the score than word length. So, we started with breaking the sentences down into shorter sentences. For our second pass, we shifted our focus to eliminating overly long words and replacing them with shorter words. (Thesaurus.com is very helpful for this task.)

After a couple of attempts at this, we failed to get our score in the target range. It turns out, a better approach is to attack both sentence length and word length together in each pass. This approach is more efficient, and results in smoother flow in the writing. Of course, it’s a balancing act, trying to make a document more readable without interfering the “flow” or “dumbing it down”.

Special challenge: The hardest part was working around some of the legal language that has to be included in privacy notices. Legal language is very difficult to make more readable. This is why one of the focuses of the GDPR is shifting away from legalese. Privacy notices with less legalese are considerably more consumer-friendly.

After a few attempts at shorter sentences and words, we finally achieved a desirable score of 53.1. While this is technically only a “C” on Readable.io’s rating, it does meet our goal of a Flesch Reading Ease Score of 45 or better.

In these screenshots, you can see our updated readability score and grade:

And here you can see that our average words per sentence improved significantly:

A few final thoughts

As you can see, making your privacy notices easier to read is very important, and in some cases, it’s also the law. More concise and readable privacy notices will keep your business compliant, and make your customers happier at the same time. And, tools like Readable.io make the process as simple and measurable as possible.

Dave Child

Dave is the founder of Readable and has been building websites since the early 90s. He’s one of those fortunate people who gets to do what he loves for a living.