We hear a lot about Privacy problems with various online apps and services. But those problems start the minute you sign up and, most likely, ignore the privacy policies. Because if you read them, you’d probably run screaming from your phone or computer.

But no one does that. The convenience, entertainment, and communication we get from all the things we sign up for outweigh most other considerations. And even if you did read every Privacy Policy you came across, you’d likely just come away punch-drunk with confusion. That’s because, as quantified by the folks at VPNoverview(Opens in a new window), privacy policies across the 50 top tech brands are written at a level most people can’t understand. And in some cases, they’d take so long to read that you’d need an afternoon off to get through them.

Below, you can see what VPNovereview determined about privacy policies, looking in particular at overall readability (the lower the score, the harder to read) as well as the total reading time required. This chart covers only the worst offenders. (Find a fully interactive chart as well as access the data list at VPNoverview(Opens in a new window).)  

Of course, even that chart is hard to construe, so the infographic below breaks out the 20 privacy policies that it found to be the worst, including Disney+, Instagram, and the betting app Coral.

Among the offenses uncovered: Coral says it’ll keep your data for seven years, even if you close your account. Instagram is happy to send third parties all your search and location history. And Disney not only shares data, it also has the most impossible-to-parse privacy policy in the world of tech—even though it’s short. (The shortest policy is actually Wayfair’s, at 2.2 minutes of reading time; the longest is from the online marketplace at Vinted, a staggering 138 minutes.)

Other vendors in the top 20 of poor privacy policies include big names including Zoom, Wikipedia, Uber Eats, Netflix, Microsoft, Slack, Spotify, Nintendo, and Yahoo.

The full report says that people should read privacy policies and has advice on how to do that. At the very least, you should read the list of “worst privacy policy terms to look out for.” For example, if the policy mentions “government access to user data,” you can bet the feds have all your info, and that can be pretty far-reaching if your country is part of a sharing deal with other countries(Opens in a new window). And any policy that says the service has access to your IP address probably means it knows exactly where you are. Collecting your biometric identifiers? That’s a no-no that many apps do anyway. The list goes on.

No one is really expecting that any vendor will change its privacy policy in favor of users, but the one thing services can and should do is improve the clarity of their written policies. Even though policies are legal documents, they don’t have to be overlong and over-written in legalese to work.