On 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals.

The ICO has stated that “being transparent and providing accessible information to individuals as to how you will use their personal data is a key element of the Data Protection Act 1998” and the EU General Data Protection Regulation (GDPR). The most common way to provide this information is in a privacy notice. The code uses the term “privacy notice” to describe all the privacy information that you make available or provide to individuals when you collect information about them.

The Privacy Code is published at a time when people’s expectations about personal data are changing. Whilst consumers increasingly share information on social media and allow their data usage to be monitored and profiled, they are also increasingly concerned about abuse of their data protection rights and also confused by lengthy and legalistic privacy policies.

The ICO makes it clear that the preference is to use the words “privacy notice” rather than “privacy policy” and that “it is still of paramount importance for organisations to be transparent about their processing and comply with the legal requirements to provide privacy information. Moreover, many organisations embrace transparency as a means of building trust and confidence with their consumers and use it as a means of distinguishing themselves from their competitors.”

The Privacy Code contains useful examples of appropriate consent and notice language, icons for privacy and is drafted in anticipation of GDPR.