Software terms of service and privacy policies explained

If you’re like most people, you don’t read the Terms of Service when you get a new app or buy a new device. That’s a big mistake, because a lot of apps on the market that are less-than-ideal, known as “grayware,” count on you allowing them access to your information.

Image

If you’re like most people, you don’t read the Terms of Service when you get a new app or buy a new device. That’s a big mistake, because a lot of apps on the market that are less-than-ideal, known as “grayware,” count on you allowing them access to your information. They know most people don’t read the Terms of Service, so their Terms of Service include language authorizing a massive invasion of your privacy. At the same time, you might have noticed that most Terms of Service is just boilerplate. How do you read the Terms of Service and find out what you need to know about privacy without wasting a bunch of time reading standard terminology?

The Privacy Policy Is the Most Important

When it comes to maintaining the security and integrity of your data, the only thing that you really need to read is the privacy policy contained in the Terms of Service. A lot of the rest will not be necessary to protecting your data. So when you start looking at your terms of service, you can skip right to the privacy policy and begin reading there.

Now comes your second problem. For the most part, Terms of Service are written in legalese. They can be difficult, even for people used to reading such documents, to fully understand. So how do you decipher a privacy policy?

  • Every privacy policy basically consists of six different parts.
  • The “notice” section tells you what information will be collected and how it will be used. This is, in some ways, the most important part of any privacy policy.
  • The “security” section is also important, as it tells you what the company is doing to secure the data it obtains from you.
  • “Access” and “onward transfer” clauses will explain who can access your data and who, if anyone and under what circumstances the data is shared with.

Note that a reputable company wants their privacy policy to be as transparent as possible, while also adhering to the letter of the law. On the other hand, companies that might be looking to take advantage of you will make their privacy policies needlessly complicated.

What To Look For in a Privacy Policy

Since there are as many privacy policies as there are companies on the Internet, it’s difficult to drill down too directly on what exactly will be in a privacy policy. However, some things to look for when you’re reading a privacy policy include:

  • An explicit list of what data is being collected from you. Companies generally have to collect some kind of data from you in order for their products to work. They should say exactly what data they are collecting.
  • A list of who they are sharing your information with and why. The language here will generally be vague -- i.e., “third parties.” That’s fine, but under what circumstances do they share your data? Do they only share with companies that have security policies and under the course of normal business? If there aren’t any clauses explaining who these third parties are and when they share your data, that can be a huge red flag.
  • The privacy policy should include language about how they are protecting your data. This will generally include some explanation of how the data is stored. If this part of the privacy party is missing or lacking, look for a competing piece of software or hardware.

When in doubt, don’t be afraid to email customer service and start asking questions. Companies that are more reputable are more likely to answer your questions promptly.

The problem in a lot of cases isn’t that that company in question wants to do anything nefarious with your data. It’s just that they’re not taking your Internet security and privacy seriously enough. That can be just the kind of lax security that sets them -- and you -- up for a major breach.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

Contents

    Want more?

    Follow us for all the latest news, tips and updates.