diff --git a/app/assets/privacy.html b/app/assets/privacy.html
index 786fb00cc391f522df0c4c18460ed72c684b5af0..54cbbe4c322be0eb40a9d42eb08612919322807c 100644
--- a/app/assets/privacy.html
+++ b/app/assets/privacy.html
@@ -170,21 +170,21 @@
<li>You may exercise any of your rights in relation to your personal data by written notice to us.
</ol>
<h3>Cookies that we use</h3>
- <p>We do neither use nor set any cookies</p>
+ <p>We do neither use nor set any cookies.</p>
<h3>About TLS and HSTS based tracking</h3>
<p>TLS is a protocol used to transmit data via an encrypted communication
- channel over the internet. It is used for the HTTPS protocol. HSTS is a
- security policy that can be employed by websites using HTTS. A website using
+ channel over the internet. The secure HTTPS protocol uses TLS. HSTS is a
+ security policy that can be employed by websites using HTTPS. A website using
HSTS signals the browser to use secure HTTPS connections for any request in
- the future even when the unsecure HTTP version is requested by the user.</p>
+ the future even when the user requests the unsecure HTTP version.</p>
<p>By using many subdomains, and employing HSTS selectively for the
subdomains the website can identify the browser on subsequent requests by
checking for which subdomains the browser remembers the HSTS policy</p>
<h3>How we use TLS and HSTS based tracking</h3>
<p>The demonstration of the TLS and HSTS based tracking for educational
purposes is the sole purpose of this website. The website uses TLS and HSTS
- based tracking to encode a user defined string. The user defined string is
- not decoded on the server. The user defined string is only decoded in the
+ based tracking to encode a user-defined string. The user-defined string is
+ not decoded on the server. The user-defined string is only decoded in the
browser. The decoded string is not transmitted.
The string can only be removed by clearing the browser data. The
string is arbitrary and must not contain personal information.</p>