The guidance provides the following 10 key recommendations:
- Readability: Privacy policies should be written in plain, straightforward language that is meaningful to, and can easily be understood by consumers. For smaller screens, such as privacy policies read through mobile apps, the guidance suggests using a layered format that highlights the most relevant privacy issues.
- Data Use and Sharing: Privacy policies should explain how PII is used and shared with other entities, including affiliates and marketing partners, and provide a link to the privacy policies of such third parties.
- Individual Choice and Access: Privacy policies should describe the choices a consumer has regarding the collection, use, and sharing of his or her personal information
- Security Safeguards: Privacy policies should explain how the website or app operators protect consumers’ PII from unauthorized or illegal access.