It’s finally here: May 25. Also known as Day Zero for GDPR, the European Union’s new privacy regulations. Also known as, “Oh shit, are we in compliance?” Day.
Every company or organization that hoovers up any kind of personal data from EU citizens will now need to make its updated privacy policies clear to users–and the main way many are doing that is through email. You’ve probably got dozens of these statements in your spam folder right now . . . just waiting to be pored over, I guess? Most of these emails are variations on the same boilerplate language, but several contain a bit of flourish to articulate something about their approach–whether it’s a nod to how much they’ve always valued your privacy or some self-congratulation for their transparency (required by law).
Their opening lines offer a glimpse of the way legal policy and user experience are colliding under the new regulations. Here’s just a smattering.
We value your privacy . . . per the law
Etsy: “We value your privacy and want you to understand the choices and control you have over your information on Etsy.”
Quora: “We value your privacy, and want to make sure you’re aware of your options to control your data on Quora.”
Yelp: “We value your privacy and want you to understand how Yelp uses your information.”
Houzz: “We value our relationship with our community and your privacy.”
Moo: “At MOO, we value your privacy.”
Meetup: “Meetup brings people together in real life to create community. We enable welcoming, inclusive, safe experiences in real life, and respect your privacy and data security while you use our apps and website.”
Check out our transparency
eBay: “We are updating our User Privacy Notice to reflect changes we’ve made to strengthen your privacy rights. This is part of our ongoing commitment to be transparent about how we use your data and keep it safe.”
Spotify: “At Spotify, we want to give you the best possible experience to ensure that you enjoy our service today, tomorrow, and in the future. It is also our goal to be as open and transparent as possible with our users about the personal data we collect to provide that service, how it is used, and with whom it is shared.”
This is for your own good
InVision: “InVision is committed to helping teams around the world design and build the best digital products. To support growth, and help ensure InVision and our customers remain compliant with upcoming changes to the EU data protection law (General Data Protection Regulation, or “GDPR”), we’ve made a number of updates to our privacy practices, policies, and agreements.”
National Geographic: “We are updating our User Privacy Notice to reflect changes we’ve made to strengthen your privacy rights.”
Zaha Hadid Architects: “Data protection rules are changing. We want to make sure we comply and importantly, ensure we’re only contacting those who wish to hear from us.”
The truth bomb
Everlane: “The thing about privacy policies? Nobody reads them. In fact, most are intentionally written not to be read. With that in mind, we’ve updated ours to make it easier to understand. But since we know most of you probably aren’t clicking on this email (no judgment), here’s a breakdown of what’s new.”
Zwift: “Introducing our new and improved privacy and cookies policies! Now in plain English, so you don’t have to weed through legalese.”
Look, we know you’re drowning in GDPR emails
Ello: “General Data Protection Regulation (GDPR) is coming into effect, and you’ve probably already gotten a few emails about this from other companies. These new regulations are a positive move towards better data privacy for people all around the world.”
Center for Civic Design: “Hi. By now you have an inbox full of emails from companies you interact with telling you that they have made changes to their privacy policies in response to the GDPR.”