I’m a fan of plain English all the time, everywhere. I had to rewrite my undergraduate thesis to use the passive voice ("the experiment was performed") after I submitted a first person narrative ("I performed the experiment"). When I needed a privacy policy, I was pleasantly surprised to find that it didn’t have to be in legalese. In fact, it’s hard to find any hard instructions on exactly what you do need in there. California law requires that you have one if you collect any personal information, but only gives a general idea of what you need to explain.
Most privacy policies are organised as a series of questions, with the answers spelling out what you collect, how you use it and who else sees it. SafeSelling has a comprehensive article on privacy with a section halfway down the page titled "What should my privacy policy include?" that covers the sections you’ll need. I love starting with a template, and ended up basing my policy on this example from the Better Business Bureau.
As I mentioned, I was impressed by how readable most policies are, even for big companies like Google. They don’t have much legal force yet in the US. I wonder if they’ll be drowned in latinate obscurity if they end up in court more often?
Pete Warden's blog 