Want Users to Read Your Privacy Policy? Make it Delightful.

It’s not every day you see lawyers work with designers to create a legal document that’s functional, easy to read and, quite simply, beautiful. That is exactly what Melbourne-based digital marketing agency, August have done with their privacy policy, in collaboration with Hive Legal.

Here’s the story of how it all came together.



Hello and welcome to this special edition of InCounsel where we get all lovey-dovey about a privacy policy. Yes, a privacy policy. But in this digital world where people actually care about their privacy, 99% of these policies really never get read or if you even tried, your eyes would probably glaze over within the first 30 seconds trying to decipher the legal gumpf that's in these things typically.

But this one is different. It's produced for a Melbourne based digital marketing agency called August. It's a pleasure to read and delightful to look at. It was designed and written in collaboration with the legal minds and the design thinking brains at Hive Legal, also Melbourne based.

So, I'm pleased to be joined today by Sarah El-Atm at August, Melissa Lyon and Ella Cannon at Hive Legal. Thanks for dialling in guys.

Just to kick off: Sarah at August, you've built I think the most beautiful privacy policy in the world. Let's get started with why?

Sarah El-Atm, August: For us, there were probably a couple of reasons from a brand perspective for August where we're incredibly passionate about accessibility and making sure that every touch point of our clients' work that we do for them is on brand. We thought it was a great opportunity to practise what we preach in this space and look after a piece of content that is typically a 'boring document' but really making it a fantastic brand experience and something interesting and easy to understand for anyone that needs to access the privacy policy.

As a marketing agency the rest of your website looks amazing. Prior to this, what did the privacy policy look like? Was it just the standard thing that you would typically see on every other privacy policy?

August + Hive Privacy Policy design sprint in action.

August + Hive Privacy Policy design sprint in action.

Pretty much. It was a standard content page. The words of the privacy policy were still on brand, but it was very much skewed towards more legalese than human language. It was an exciting opportunity to collaborate with Mel, Ella and the team at Hive and really work through how we can make sure that the language stayed compliant but was on brand and plain English.

How did you come across Hive? Why did you pick them to work on this project with you guys?

We were in touch for a while before we collaborated together. Hive have such a strong reputation in doing some interesting things within the legal profession and thinking differently. We were keen to work together as a multidisciplinary team and push our design and development skills along with the legal minds at Hive. It was very much a natural conversation and natural progression where we were talking with each other and thought we can absolutely do this together. We can find the best way possible to do it. So, we combined our processes and created something unique to make this happen.

Ella and Melissa from Hive: can you guys step us through the process you went through and what roles did you each play?

Melissa Lyon, Hive Legal: Yeah, sure. As Sarah said, we really combined our processes on this and it was very much a multidisciplinary approach, looking at blending the legal way of working with the design skills as well. We used a process and a way of thinking that we use at Hive, which we call HiveThinkP – the "P" standing for Purpose. It's a design thinking framework that we've been using for a while now.

We approached this project by defining, as a group, both August and Hive, what the real purpose of this project was. We had some great discussions around that and really homed in on why we were doing something like this. Then we stepped through the much more traditional design thinking processes, looking at the empathy side of things to work out who this privacy policy affected, what we were trying to achieve for them.

The beauty of it was that as a multidisciplinary team, we all sat together on a number of different occasions and worked through the process at the same time. That had the amazing benefit of bringing all those skills together and enabling us to identify who we were designing for, what mattered to them, and what aspects of the policy we really needed to achieve to get a good result. Then we dovetailed that with August's processes and design sprints and the way that they do things as well. So, I'll hand over to Sarah for the second part because that was very much a design sprint type of process.

Sarah: Absolutely. We ran a design sprint with Hive in the room to make sure we could get all our ideas on paper as much as possible. It's a fantastic way to translate what you're thinking and what you think you can sketch out very quickly onto paper and then realising actually, this may not work, or this is going to work really well. So, we went through a couple of pathways through the design sprint in finding quite a lot of common ideas, but then also some unique ideas around animation and design elements that we took into the final build. For us, our designers and developers then looked at that inspiration that we gathered during the design sprint and started to build out the page from there.

It was interesting because we ended up going down one particular design path at first and realised that while this was a good brand experience, it wasn't going to be achieving the outcomes that we were looking for in the first place. So, we ended up changing tack and going down one of the other design sprint paths with Hive and have stuck with that. That's the final outcome. Telling a story with Fernando and taking him on an adventure.

[We] ended up going down one particular design path at first and realised that while this was a good brand experience, it wasn’t going to be achieving the outcomes that we were looking for in the first place. So, we ended up changing tack...

For those that don't know what a 'design sprint' is, can you very quickly explain what that is?

A design sprint is something that you do in a very short amount of time, hence the 'sprint' label to it. It’s a way to think about solving a problem using design. Incorporating visual cues and representing your ideas and solutions visually. It's about getting as many ideas as possible, and from as many people involved on the project as possible, to then start to filter down those ideas. Designers love the process because they get lots of input and they're not trying to solve this problem on their own. Instead, they’re gathering feedback from clients, developers, copywriters, and from all different disciplines sitting at the table. Design sprints can run for different lengths of time. Ours was very short and it allowed us to get a lot of thinking and a lot of ideas out quickly.


Mel: They were some of the best parts I think of this process too, the design sprints where we were really bringing in the work that we'd done before when we decided the purpose of the project and also what the users of the policy were looking for. I'm looking now at the handwritten notes around what came out of the initial part of the process and they include the guiding themes or what this policy should actually deliver. These themes really anchored the process (which is relevant to this policy being an underwater adventure by the Fernando) whilst at the same time allowing for creativity as well.

So, it was fantastic to be in that room and see that blending of the skills and how we bounced off each other to do different things. Some of the things that we came up with in terms of what we wanted to achieve included a consistent experience in terms of the values, the way that it worked, the voice that we had. We had a list of all of these things that were constantly front of mind for us as we went through the process, and the design sprints and eventually got this great result.

Broadly speaking, what comes first? Is it looking at the words that need to go in and paring it back to be on brand; or is it the design and the overall structure and feel? Does one or the other come first or is it all merged into one whole holistic approach?

Ella Cannon, Hive Legal: It was a bit of a chicken and egg situation, in that both components were very relevant and tied in together. Because of this, we needed to build in both the design and written word components at every step along the way. We had to think about, well, what message is needed through the words and design, and how can we communicate that message in a different way? Looking at the design and the words was very enmeshed.

The policy feels like it's got no actual 'law' in it (in a very good way!) but I assume it ticks all the legal boxes and requirements?

Ella: Yeah, that's right. In Australia, there are a number of mandatory legal requirements for a privacy policy (and certain information that an organisation has to include). Ensuring that we incorporated those matters and very clearly address them within this policy was identified very early on as a critical component to this project. It was important that we didn't get carried away in creating something that was really fun but didn't actually comply with the law. We're confident that this policy does do that, in that it does meet all mandatory legal requirements and contain the information that it needs to.

It was important that we didn’t get carried away in creating something that was really fun but didn’t actually comply with the law.

But I guess we just approached this with the aim of communicating it in a much more accessible way and really stripping back the legal focus. What we've seen abroad and particularly in the EU is that there has been a shift, particularly in the privacy space, towards greater accessibility and creating public privacy documents to communicate something as opposed to creating them with the aim protecting the organisation from liability or claims. I don’t believe that this protective element was ever really the aim of mandating privacy policies.  

Accessibility and communication has very much been a focus in the EU’s GDPR, and we're seeing a push towards that in Australia, with certainly some comments from the regulator about how organisations be viewing privacy as more than a compliance checkbox exercise – they should be looking for opportunities to support end users and consumers and really bring them into the whole conversation. That was a big part of this project here as well.

I've seen a number of more visual privacy policies coming to the market that have this beautiful, easy to understand, graphical representation of people's privacy rights. They then couple that with a fine print version which defaults to a traditional, heavy on the 'legalese' version. You have two versions as well, but they very similar in terms of having the same text, but without those amazing visuals. Why have both?

Sarah: We were keen to make sure that if somebody didn't really want to scroll through all the illustrations and the storytelling component and they just needed to access the words, then that option was available to them. We also wanted to make sure that for some clients or other people that need to read the policy for their own compliance purposes and their own risk mitigation, that they could access it quickly and in a form they could either print or download. It was about giving people options and choice.

Ella: And I think that's absolutely a part of it, because it wasn't so much that we were concerned that the visual version needed a corresponding fine print version for compliance reasons – we were confident that this visual component as a standalone policy would satisfy legal requirements. Having the dual versions was more an acknowledgement that, well maybe the visual policy isn't for everyone and maybe some people do prefer that more traditional way of reading through a privacy policy. The print functionality is really important in that regard too. But another thing that I think we all agreed on is that if we were to have two versions, we didn't want the plain text version to have any new information buried within it that wasn't accessible and evident from the “fun version”. So, the text in both is very similar and that was intentional – we really wanted them to should the same information.

I guess you've probably got some analytics on those web pages and are able to see where people are reading to or scrolling to? Over time, you might have the data on which version people prefer, or which version people are actually scrolling to the bottom and reading all the way through?

Sarah: Absolutely. It's actually the visual version of the privacy policy that is our most visited page on the website at the moment. Pretty exciting – I was certainly nerding out big time when I found that out. People are spending time on it as well; they're spending four to six minutes on that actual page, which is a really long time to be spending on a website privacy policy. We’re incredibly proud of the result for sure.

It’s actually the visual version of the privacy policy that is our most visited page on the website at the moment.

That's awesome. Just further to that, have your clients or your users noticed? What else is on your roadmap to 'de-legalese'?

Sarah: They have noticed, and it's definitely a conversation we're having with a number of clients, which is really exciting. In terms of future thinking, absolutely, we're working with Mel and Ella further to think about how we expand to different types of contracts – for example terms and conditions. How do we make sure that certain commonly used contracts or legal information can be portrayed and can be displayed in an interesting and easy to understand way.

And similarly, for Hive: what other contracts and documents could you do this for?

Mel: We're continuing to focus on the opportunities in the privacy area and looking at where can we can expand this process into and what we can do. We're looking at it on a case by case basis and also in terms of what our clients might want and what they need.

I think one of the ways to look at it is what's brought us to this point and who we've been inspired by and what's happening out there in the market. A lot of our inspiration for this project came from those legal designers that are doing some amazing things outside Australia. Stefania Passera has done some amazing privacy work with Juro. Margaret Hagan, Director of Legal Design Lab and Stanford Law School does amazing access to justice documentation. And Meera Klemola who is from Osberv has done great work with arbitration processes.

The initial inspiration came from the work that Camilla Baasch Andersen has done with Aurecon and their visual/comic employment contracts. When we started to look at those things and see how comic inspired contracts could be done, that blew our minds and really got us started on this journey.

There is so much opportunity for us to look at all types of legal policies and documents. But it really has to be with that purpose in mind so that the policies or documents work for the end users and clients and the stakeholders that are dealing with those types of documents. It was interesting in this project when we first started, we were inspired by the visual nature of these types of things, but then we realised that we were probably narrowing our focus too much because it doesn't necessarily have to be a visual – it could be audio, it could be different types of things. This process of thinking much more broadly around the end user and the people involved allowed us to think more creatively about how accessibility can be improved for legal documents. It's not just making them plain English, it's actually how they're delivered and there were so many different ways that that can occur.

Indeed, I really look forward to seeing what else you guys come up with in the future and seeing them come to life in the other documents. Congratulations on an amazing job, I'm sure you'll get plenty more interest from clients and interested parties about this project. Thanks so much again for speaking to us, Sarah, Ella and Melissa.

Thank you. Thanks, David.




The Agile GC: Sarah Gaidzkar at PageUp —>





InCounsel Weekly: Bite-sized insights for in-house counsel and creative legal minds.