The Privacy Panel Label
Privacy Panel generates a standardized disclosure label for any company's privacy policy. The format is modeled on the FDA Nutrition Facts panel. The label is factual and neutral: it restates what the policy actually says, without scoring or judgment.
Look Up a Company
Or browse the full company directory.
Every label uses the same format and structure. You don't need to read 20 pages of legalese. The relevant information is always in the same place.
The label is a restatement of public disclosures, not an opinion or grade. Every item links back to the exact quote from the privacy policy that supports it.
Because every label uses the same schema, you can compare any two companies side by side and immediately see where they differ.
What's on the label
Each section of the Privacy Panel label corresponds to a specific category of privacy practice. Here's what each one means and why it matters.
The label title — modeled on the FDA Nutrition Facts panel. It signals a standardized, consistent format for reading about how a company handles your personal data.
Lists every category of personal data the company collects, derived directly from the privacy policy. Sensitive data types (precise location, biometrics, health, financial) are shown first and highlighted in red. Non-sensitive categories follow, smaller and gray.
Discloses whether your data is sold to third parties, shared for advertising, or used for profiling and automated decisions. Each row shows YES or NO based on what the policy actually states.
Shows how many distinct categories of third parties receive your data (e.g., ad networks, analytics, data brokers, law enforcement). More categories = broader data exposure.
States how long the company keeps your data. Indefinite retention is the worst outcome. Short, specific retention periods with deletion on request are best.
Checks which consumer rights the company acknowledges: access, deletion, portability, correction, and opt-out. Rights are only credited when explicitly stated in the policy.
Indicates whether the company honors Global Privacy Control (GPC) and Do Not Track (DNT) browser signals. These are technical mechanisms users can enable to limit data collection.
Shows basic security practices as disclosed in the policy: encryption in transit (HTTPS/TLS), encryption at rest, multi-factor authentication availability, and breach notification commitments.
How the label is generated
Privacy policies are parsed by an AI model (an AI extraction model) that extracts structured data from the raw policy text. For each field, the model provides the specific quote from the policy that supports its determination, along with a confidence score.
The label reflects what the policy discloses. A company may have excellent practices that aren't reflected in a vague policy, or vice versa.
This label summarizes privacy practices as disclosed in the company's privacy policy. This is not legal advice.