Terms of Service and Privacy Policy Documents

Criteria: I can easily find, read, and understand the terms of service and privacy policy.

See this test in action:

• Smart lock
• Smart pressure cooker
• Smart baby monitor

Note: This test applies the same indicators to a company’s terms of service and privacy policy. We have separated the process and results into a section for each document for clarity.

Methodology for Assessing Each Indicator

1) The company clearly discloses which terms of service apply to the product/service in question.

• Obtain and review a copy of the product’s terms of service.
• If you can find the terms of service and it is clear that they apply to the product you are testing, mark PASS.
• If you can find the terms of service but it is not clear that they apply to the product you are testing, mark PARTIAL PASS.
• If you cannot find the terms of service, mark FAIL.

2) The terms of service are easy to find.

• If you can easily find the terms of service, mark PASS.
• If you cannot easily find the terms of service, mark FAIL.

3) The terms of service are available in the language(s) most commonly spoken by the company's users.

• To assess whether the terms of service are available in the necessary language(s) requires us to know more about the product’s distribution and global sales. This may be, but is not always available, on the product’s website.
• If the product’s website provides a list of all countries in which the product is sold and you can find the terms of service in languages that apply to all countries in which the product is for sale, mark PASS.
• If you can find the terms of service in one language or more, but it is not clear whether those languages apply to the majority of the product’s users, mark PARTIAL PASS.
• If you cannot find the terms of service, mark FAIL.

4) The terms of service are presented in an understandable manner.

• To assess whether the terms of service are “understandable” is challenging and requires information that is not provided in the current indicators for the Digital Standard. An “understandable manner” is an ambiguous term, and different testers may interpret it in different ways.
• For example, there is debate about best practices in length of terms of service. There is an argument that a shorter, more plain-language set of terms of service is preferable because non-experts are more likely to read it. There is also an argument that a long, comprehensive terms of service gives users complete information about the product that they are using without leaving facts out or ambiguity of terms.
• In order to establish what an “understandable manner” is for the purpose of evaluation, the tester must generate an opinion as to what the best practices for understandable terms of service development are, and apply those to the product’s terms of service.
• For the purposes of this process, we suggest that “understandable” be applied as using plain language to describe policies, a clear structure that allows users to easily review by using headings or other structural signposts, and defining ambiguous terms like “Content,” “Third Party,” etc. to clarify for users.
• If the terms of service are written in plain language, the important terms are defined, and the document is easy to follow, mark PASS.
• If some, but not all of the above are true, mark PARTIAL PASS.
• If none of the above are true, mark FAIL.

Methodology for Assessing Each Indicator

1) The company clearly discloses which privacy policy applies to the product/service in question.

• Obtain and review a copy of the product’s privacy policy.
• If you can find the privacy policy and it is clear that it applies to the product you are testing, mark PASS.
• If you can find the privacy policy but it is not clear that it applies to the product you are testing, mark PARTIAL PASS.
• If you cannot find the privacy policy, mark FAIL.

2) The privacy policy is easy to find.

• If you can easily find the privacy policy, mark PASS.
• If you cannot easily find the privacy policy, mark FAIL.

3) The privacy policy is available in the language(s) most commonly spoken by the company's users.

• To assess whether the privacy policy is available in the necessary language(s) requires us to know more about the product’s distribution and global sales. This may be, but is not always available, on the product’s website.
• If the product’s website provides a list of all countries in which the product is sold and you can find the privacy policy in languages that apply to all countries that the product is for sale in, mark PASS.
• If you can find the privacy policy in one language or more, but it is not clear whether those languages apply to the majority of the product’s users, mark PARTIAL PASS.
• If you cannot find the privacy policy, or conclude that the privacy policy is not available in all of the commonly spoken languages of users, mark FAIL.

4) The privacy policy is presented in an understandable manner.

• This indicator is a challenge to evaluate. An “understandable manner” is an ambiguous term, and different testers may interpret it in different ways.
• In order to establish what an “understandable manner” is for the purpose of evaluation, the tester must generate an opinion as to what the best practices for understandable privacy policy development is, and apply those to the product’s terms of service.
• For the purposes of this process, we suggest that “understandable” be applied as using plain language to describe policies, a clear structure that allows users to easily review by using headings or other structural signposts, and defining ambiguous terms like “Content,” “Third Party,” etc. to clarify for users.
• If the privacy policy is written in plain language, the important terms are defined, and the document is easy to follow, mark PASS.
• If some, but not all, of the above are true, mark PARTIAL PASS.
• If none of the above are true, mark FAIL.