Last month, during my commencement for a Master's in Privacy Engineering at CMU, my friends and I were joking about the absurd volume of unreadable privacy policies we’d spent semesters dissecting. What started as a graduation joke stuck with me, and over the last few weeks, it transformed into this actual project.
I’m personally very privacy-conscious—I self-host my NAS, run Immich for my photos, and try to self-host where I can. But completely decoupling from third-party services is nearly impossible. Even with a technical background in privacy and security, figuring out what a SaaS tool actually does with your data telemetry means wading through buried boilerplate that no one has time to read.
I built HonestPrivacyPolicies.org to turn that text into structured, actionable insights.
Would love your feedback. A few questions I've been asking ppl:
1. What would you love to see in a privacy policy (check our pp as well)?
2. What questions do you want answers to when you give your data to an org?
Cheers!