| P3P 1.0 element definitions and translations - 27 May 2003 DRAFT |
|
| P3P Element |
|
P3P Spec Definition |
IE6 Translation |
Proposed Translation [from LFC] |
Notes |
Jeremy's notes |
| n/a |
n/a |
n/a |
n/a |
n/a |
|
We do not use
the "this web site" convension in the
definision b/c the headers give this info |
| |
discuri
(attribute of POLICY element) |
URI of the
natural language privacy statement |
To read this Web
site's complete privacy policy, click here |
Read this site's
full privacy policy at [with link to discuri] |
|
you had no IE6
translation before so I added the current one and
it is the same as your suggested one |
| |
opturi
(attribute of POLICY element) |
URI of
instructions that users can follow to request or
decline to have their data used for a particular purpose (opt-in or opt-out) |
|
Find out how to
opt-out at [with link to opturi] |
|
I agree with
your recommendation |
| ENTITY |
|
Identifies the
legal entity making the representation of the
privacy practices contained in the policy |
|
How to reach
this site [display all entity information provided
by site] |
|
How to contact
this provider [display all entity information
provided by site] |
| ACCESS |
|
the ability of
the individual to view identified data and address
questions or concerns to the service provider. Service providers MUST
disclose one value for the access attribute. The method of access is not
specified. Any disclosure (other than <all/>) is not meant to imply
that access to all data is possible, but that some of the data may be
accessible and that the user should communicate further with the service
provider to determine what capabilities they have. |
What types of
information about myself do I have access to? |
Access to your
information |
I use the phrase
"identified with you" rather than about
you because arguably information that is not identified with you may still be
about you (identifiable) -- is this the best we can do or is there a clearer
way to say this? |
What information
collected about me can I access? |
| |
nonident |
Web site does
not collect identified data. |
Personally
identifiable information is not collected and
therefore is not accessible. |
This site does
not keep any information identified with you in
its records |
We use the
phrase "this site" throughout this
section and elsewhere. In many cases it doesn't really refer to the site but
actually the people who run the site. On the other hand, it is concise and
probably conveys the appropriate meaning. Is there a better phrase we should
be using? |
Personally
identifiable information is not collected by this
site and therefore is not accessible. |
| |
all |
All Identified
Data: access is given to all identified
data. |
All personally
identifiable information. |
This site allows
you to access all of the information identified
with you in its records |
|
Access all of
the personally identified information collected
about you |
| |
contact-and-other |
Identified
Contact Information and Other Identified Data:
access is given to identified online and physical contact information as well
as to certain other identified data. |
Personally
identifiable online and physical contact
information, as well as to other information linked to an identifiable
person. |
This site allows
you to access your contact information and certain
other information identified with you in its records |
|
|
| |
ident-contact |
Identifiable
Contact Information: access is given to identified
online and physical contact information (e.g., users can access things such
as a postal address). |
Personally
identifiable online and physical contact
information such as a postal address. |
This site allows
you to access your contact information in its
records |
There is a typo
in the P3P spec. "Identifiable" should
be "Identified" |
Personally
identified online and physical contact information
such as a postal address. |
| |
other-ident |
Other Identified
Data: access is given to certain other identified
data (e.g., users can access things such as their online account charges). |
Certain other
information linked to an identifiable person such
as online account charges. |
This site allows
you to access some of the information identified
with you in its records |
|
access some of
the information identified with you such as online
account charges. (I think examples help the uesr identify with what it is
saying) |
| |
none |
None: no access
to identified data is given. |
None. |
This site does
not permit you to find out what information
identified with you is stored in its records |
|
No access is
given to you to finf out what information
identified with you is collected. |
| DISPUTES |
|
Describes
dispute resolution procedures that may be followed
for disputes about a services' privacy practices, or in case of protocol
violation. |
How does this
Web site handle disputes about collected data? |
How to resolve
privacy-related disputes with this site |
|
agree with yours |
| |
service |
Individual may
complain to the Web site's customer service
representative for resolution of disputes regarding the use of collected
data. The description MUST include information about how to contact customer
service. |
%User Agents
display the policies Short Description string
here% |
[display long
description and short description, if provided,
with hyperlink to service URI] |
|
agree with yours |
| |
independent |
Individual may
complain to an independent organization for
resolution of disputes regarding the use of collected data. The description
MUST include information about how to contact the third party
organization. |
%User Agents
display the policies Short Description string
here% |
[display long
description and short description, if provided,
with hyperlink to service URI] |
|
agree with yours |
| |
court |
Individual may
file a legal complaint against the Web site. |
An individual
may file a legal complaint against the Web site. |
[display long
description and short description, if provided,
with hyperlink to service URI] |
|
|
| |
law |
Disputes arising
in connection with the privacy statement will be
resolved in accordance with the law referenced in the description. |
%User Agents
display the policies Short Description string
here% |
[display long
description and short description, if provided,
with hyperlink to service URI] |
|
agree with yours |
| REMEDIES |
|
Remedies in case
a policy breach occurs |
|
[no heading -
display this following corresponding disputes
element] |
|
|
| |
correct |
Errors or
wrongful actions arising in connection with the
privacy policy will be remedied by the service. |
|
This site will
correct any errors it makes related to the
commitments in its privacy policy |
|
|
| |
money |
If the service
provider violates its privacy policy it will pay
the individual an amount specified in the human readable privacy policy or
the amount of damages. |
|
This site will
pay individuals if it violates its privacy policy |
|
|
| |
law |
Remedies for
breaches of the policy statement will be
determined based on the law referenced in the human readable description. |
|
This site's
privacy policy references a law that will
determine any remedies for breaches of that policy |
|
|
| NON-IDENTIFIABLE |
|
This element
signifies that either no data is collected
(including Web logs), or that the organization collecting the data will
anonymize the data referenced in the enclosing STATEMENT. In order to
consider the data "anonymized", there must be no reasonable way for
the entity or a third party to attach the collected data to the identity of a
natural person. Some types of data are inherently anonymous, such as
randomly-generated session IDs. Data which might identify natural people in
some circumstances, such as IP addresses, names, or addresses, must have a
non-reversible transformation applied in order be considered
"anonymized". |
|
Any collected
data is anonymized |
|
agree with
yours. |
| PURPOSE |
|
purposes for
data processing relevant to the Web. |
Why is this
information collected? |
How your
information may be used |
|
|
| |
current |
Completion and
Support of Current Activity: Information may be
used by the service provider to complete the activity for which it was
provided, such as the provision of information, communications, or
interactive services -- for example to return the results from a Web search,
to forward email, or place an order. |
Information may
be used by the Web site to complete the activity
for which it was provided, whether the activity is a one-time event, such as
returning the results from a Web search, forwarding an e-mail message or
placing an order; or a recurring event, such as providing a subscription
service or allowing access to an online address book or electronic wallet. |
To carry out the
activity for which the information was provided |
|
I agree with you |
| |
admin |
Web Site and
System Administration: Information may be used for
the technical support of the Web site and its computer system. This would
include processing computer account information, information used in the
course of securing and maintaining the site, and verification of Web site activity
by the site or its agents. |
Information may
be used for the technical support of the Web site
and its computer system. For example, to process computer account
information, to secure and maintain the site, or to verify Web site activity
by the site or its agents. |
For web site and
system administration |
It might be more
precise to say "To facilitate web site and
system administration" but "facilitate" is kind of a big word
which I would rather avoid |
I agree with you |
| |
develop |
Research and
Development: Information may be used to enhance,
evaluate, or otherwise review the site, service, product, or market. This
does not include personal information used to tailor or modify the content to
the specific individual nor information used to evaluate, target, profile or
contact the individual. |
Information may
be used to enhance, evaluate, or otherwise review
the Web site, service, product, or market. |
To do research
and development without creating a record
identified with you |
|
I agree with you |
| |
tailoring |
One-time
Tailoring: Information may be used to tailor or
modify content or design of the site not affirmatively selected by the
particular individual where the information is used only for a single visit
to the site and not used for any kind of future customization. For example,
an online store that suggests other items a visitor may wish to purchase
based on the items he has already placed in his shopping basket. |
Information may
be used to tailor or modify the content or design
of the Web site during a single visit to the site. For example, an online
store might suggest other items for a visitor to purchase based on items he
has already placed in his shopping basket. |
To customize the
site for your current visit |
|
I agree with
you. |
| |
pseudo-analysis |
Pseudonymous
Analysis: Information may be used to create or
build a record of a particular individual or computer that is tied to a
pseudonymous identifier, without tying personally-identifiable information
(such as name, address, phone number, email address, or IP address) to the
record. This profile will be used to determine the habits, interests, or
other characteristics of individuals for purpose of research, analysis and
reporting, but it will not be used to attempt to identify specific
individuals. For example, a marketer may wish to understand the interests of
visitors to different portions of a Web site. |
Information that
is based upon a unique identifier but that cannot
be linked to an individual may be used for research, analysis, and reporting.
For example, the number of users within a ZIP code. |
To do research
and analysis in which your records may be used
without identifying you |
|
To do research
and analysis in which data collected about you may
be used without identifying you |
| |
pseudo-decision |
Pseudonymous
Decision: Information may be used to create or
build a record of a particular individual or computer that is tied to a
pseudonymous identifier, without tying personally-identifiable information
(such as name, address, phone number, email address, or IP address) to the record.
This profile will be used to determine the habits, interests, or other
characteristics of individuals to make a decision that directly affects that
individual, but it will not be used to attempt to identify specific
individuals. For example, a marketer may tailor or modify content displayed
to the browser based on pages viewed during previous visits. |
Information that
is based upon a unique identifier but that cannot
be linked an individual may be used to make a decision that directly affects
that individual. For example, an individual within a certain ZIP code is
presented with advertisements for companies located in that same ZIP code. |
To make
decisions – for example, about what content or ads
you see at the web site – without identifying you |
structure is a
little convoluted, can we say this more clearly? |
To make
decisions on your behalf without identifying you.
For example, about what content of adds you see at a web site. |
| |
individual-analysis |
Individual
Analysis: Information may be used to determine the
habits, interests, or other characteristics of individuals and combine it
with personally identifiable information for the purpose of research,
analysis and reporting. For example, an online Web site for a physical store
may wish to analyze how online shoppers make offline purchases. |
Information that
can be linked to an individual may be used for
research, analysis, and reporting. For example, data about the types of and
price ranges of products an individual has looked at. |
To do research
and analysis in which your records may be used |
|
To do research
and analysis in which your data may be used |
| |
individual-decision |
Individual
Decision: Information may be used to
determine the habits, interests, or other characteristics of individuals and
combine it with personally identifiable information to make a decision that
directly affects that individual. For example, an online store suggests
items a visitor may wish to purchase based on items he has purchased during
previous visits to the Web site. |
Information that
can be linked to an individual may be used to make
a decision that directly affects that individual. For example, a Web site
might show an individual houses that are within her ability to purchase,
regardless of the price range she has researched before. |
To make
decisions – for example, about what content or ads
you see at the web site |
structure is a
little convoluted, can we say this more clearly? |
To make
decisions on your behalf. For example, about what
content or ads you see at the web site |
| |
contact |
Contacting
Visitors for Marketing of Services or Products:
Information may be used to contact the individual, through a communications
channel other than voice telephone, for the promotion of a product or
service. This includes notifying visitors about updates to the Web site. This
does not include a direct reply to a question or comment or customer service
for a single transaction -- in those cases, would be used. In addition, this
does not include marketing via customized Webcontent or banner advertisements
embedded in sites the user is visiting -- these cases would be covered by the
, and , or and purposes. |
Information may
be used to contact an individual, through a
communications channel other than voice telephone, for the promotion of a
product or service. This includes notifying visitors about updates to the Web
site. |
To contact you
through means other than telephone (for example,
email or postal mail) to market services or products |
|
agree with you |
| |
historical |
Historical
Preservation: Information may be archived or
stored for the purpose of preserving social history as governed by an
existing law or policy. This law or policy MUST be referenced in the element
and MUST include a specific definition of the type of qualified researcher
who can access the information, where this information will be stored and
specifically how this collection advances the preservation of history. |
Information may
be archived or stored for the purpose of
preserving social history as governed by an existing law or policy. |
To preserve
social history |
|
agree with you |
| |
telemarketing |
Contacting
Visitors for Marketing of Services or Products Via
Telephone: Information may be used to contact the individual via a voice
telephone call for promotion of a product or service. This does not include a
direct reply to a question or comment or customer service for a single transaction
-- in those cases, would be used. |
Information may
be used to contact the individual via voice
telephone for promotion of a product or service. |
To contact you
by telephone to market services or products |
|
agree with you |
| |
other-purpose |
Other Uses:
Information may be used in other ways not captured
by the above definitions. (A human readable explanation should be provided in
these instances). |
Other
Uses: %User Agents display the policies
string here% |
For other uses:
[include site's human, readable explanation; if
site omits human-readable explanation say "not described by site"] |
|
agree with you |
| RECIPIENT |
|
the legal
entity, or domain, beyond the service provider and
its agents where data may be distributed. |
Who has access
to this information? |
Who may use your
information |
|
agree with you |
| |
ours |
Ourselves and/or
our entities acting as our agents or entities for
whom we are acting as an agent: An agent in this instance is defined as a
third party that processes data only on behalf of the service provider for
the completion of the stated purposes. (e.g., the service provider and its
printing bureau which prints address labels and does nothing further with the
information.) |
This Web site,
entities for whom it is acting as an agent, and/or
entities acting as its agent. An agent in this instance is defined as a third
party that processes data only for the completion of the stated purpose, such
as a shipping firm or printing service. |
This web site
and the companies that help the site fulfill your
requests (for example, shipping or billing companies that may not use your
information for marketing or other purposes that go beyond fulfilling your
request) |
|
agree with you |
| |
delivery |
Delivery
services possibly following different practices:
Legal entities performing delivery services that may use data for purposes
other than completion of the stated purpose. This should also be used for
delivery services whose data practices are unknown. |
Legal entities
performing delivery services that may use data for
purposes other than completion of the stated purpose. |
Delivery
companies who may also use your information for
other purposes |
|
agree with you |
| |
same |
Legal entities
following our practices: Legal entities who use
the data on their own behalf under equable practices. (e.g., consider a
service provider that grants the user access to collected personal
information, and also provides it to a partner who uses it once but discards
it. Since the recipient, who has otherwise similar practices, cannot grant
the user access to information that it discarded, they are considered to have
equable practices.) |
Legal entities
that have equivalent practices to this Web site. |
Other companies
with similar privacy policies |
|
agree with you |
| |
other-recipient |
Legal entities
following different practices: Legal entities that
are constrained by and accountable to the original service provider, but may
use the data in a way not specified in the service provider's practices
(e.g., the service provider collects data that is shared with a partner who
may use it for other purposes. However, it is in the service provider's
interest to ensure that the data is not used in a way that would be
considered abusive to the users' and its own interests.) |
Legal entities
that are constrained by and accountable to this
Web site, but may use the data in a way not specified in this Web site s
practices. |
Other companies
with different privacy policies |
|
agree with you |
| |
unrelated |
Unrelated third
parties: Legal entities whose data usage practices
are not known by the original service provider. |
Legal entities
whose data usage practices are not known by this
Web site. |
Other companies |
|
agree with you |
| |
public |
Public fora:
Public fora such as bulletin boards, public
directories, or commercial CD-ROM directories. |
Public forums
such as bulletin boards, public directories, or
commercial CD-ROM directories. |
People who
retrieve your information from public bulletin
boards, chat rooms, directories, etc. |
|
agree with you |
| RETENTION |
|
the type of
retention policy in effect |
How long is the
information retained? |
How long your
information may be retained |
|
agree with you |
| |
no-retention |
Information is
not retained for more than a brief period of time
necessary to make use of it during the course of a single online interaction.
Information MUST be destroyed following this interaction and MUST not be
logged, archived, or otherwise stored. This type of retention policy would
apply, for example, to services that keep no Web server logs, set cookies
only for use during a single session, or collect information to perform a
search but do not keep logs of searches performed. |
Information is
not retained longer than the single online
interaction. |
Information is
not retained beyond the current online session |
|
agree with you |
| |
stated-purpose |
For the stated
purpose: Information is retained to meet the
stated purpose. This requires information to be discarded at the earliest
time possible. Sites MUST have a retention policy that establishes a
destruction time table. The retention policy MUST be included in or linked
from the site's human-readable privacy policy. |
Information is
retained to meet the stated purpose and discarded
at the earliest time possible. |
Information is
retained to meet the stated purpose and discarded
at the earliest time possible |
|
agree with you |
| |
legal-requirement |
As required by
law or liability under applicable law: Information
is retained to meet a stated purpose, but the retention period is longer
because of a legal requirement or liability. For example, a law may allow
consumers to dispute transactions for a certain time period; therefore a business
may for liability reasons decide to maintain records of transactions, or a
law may affirmatively require a certain business to maintain records for
auditing or other soundness purposes. Sites MUST have a retention policy that
establishes a destruction time table. The retention policy MUST be included
in or linked from the site's human-readable privacy policy. |
Information is
retained beyond the time it takes to complete the
stated purpose because of a legal requirement or liability. For example, a
law may allow consumers to dispute transactions within a certain time frame,
therefore a Web site may decide to keep a record of transactions. |
Information is
retained beyond the time it takes to complete the
stated purpose because of a legal requirement or liability (for example, if a
law allows consumers to dispute transactions within a certain time period, a
site may keep a record of transactions until the end of that period) |
|
agree with you |
| |
business-practices |
Determined by
service provider's business practice: Information
is retained under a service provider's stated business practices. Sites MUST
have a retention policy that establishes a destruction time table. The
retention policy MUST be included in or linked from the site's human-readable
privacy policy. |
Information is
retained per the service provider's stated
business practices. |
Information is
retained according to the business practices
explained in the site's privacy policy |
|
agree with you |
| |
indefinitely |
Indefinitely:
Information is retained for an indeterminate
period of time. The absence of a retention policy would be reflected under
this option. Where the recipient is a public fora, this is the appropriate
retention policy. |
Information is
retained for an indeterminate period of time. |
Information may
be retained indefinitely |
|
agree with you |
| CATEGORIES |
|
An example of a
non-reversible transformation is removing the last
seven bits of an IP address and replacing them with zeros. This
transformation must be applied to all copies of the data, including those
that might be stored on backup media. An algorithm that replaces identified
data with unique corresponding values from a table is not considered
non-reversible. In addition, a one-way cryptographic hash would not be
considered non-reversible if the set of possible data values is small enough
that all possible hashed values can be generated and compared with the value
that someone is attempting to reverse. |
What kind of
information does this Web site collect? |
Types of
information that may be collected |
|
What type of
information may this site collect? |
| |
physical |
|
Information that
allows an individual to be contacted or located in
the physical world, such as a telephone number or a postal address. |
Name, address,
phone number, or other contact information |
|
agree with you |
| |
online |
Online Contact
Information: Information that allows an individual
to be contacted or located on the Internet -- such as email. Often, this
information is independent of the specific computer used to access the
network. (See the category "Computer Information") |
Information that
allows an individual to be contacted or located on
the Internet, such as an e-mail address. Often, this information is
independent of the specific computer used to access the network. |
Email address or
other online contact information |
|
agree with you |
| |
uniqueid |
Unique
Identifiers: Non-financial identifiers, excluding
government-issued identifiers, issued for purposes of consistently
identifying the individual. These include identifiers issued by a Web site or
service. |
Unique
identifiers issued by a Web site or service for
the purpose of identifying an individual over time. |
Website login
IDs and other identifiers (excluding government
IDs and financial account numbers) |
|
agree with you |
| |
purchase |
Purchase
Information: Information actively generated by the
purchase of a product or service, including information about the method of
payment. |
Information
generated by the purchase of a product or service,
including information about the method of payment. |
Information
about your purchases, including payment methods |
|
agree with you |
| |
financial |
Financial
Information: Information about an individual's
finances including account status and activity information such as account
balance, payment or overdraft history, and information about an individual's
purchase or use of financial instruments including credit or debit card
information. Information about a discrete purchase by an individual, as
described in "Purchase Information," alone does not come under the
definition of "Financial Information." |
Information
about an individual's finances, including account
status, account balance, payment or overdraft history, and information about
an individual's purchase or use of financial instruments, including credit
cards or debit cards. |
Financial
information such as account balances, payment or
overdraft history, and loans |
|
agree with you |
| |
computer |
Computer
Information: Information about the computer system
that the individual is using to access the network -- such as the IP number,
domain name, browser type or operating system. |
Information
about the computer system that the individual is
using to access the Internet, such as the IP number, domain name, browser
type, or operating system. |
The kind of
computer you are using, the software running on
it, and its Internet address |
|
Information
about the computer you are using, the software
running on it, and its Internet address. |
| |
navigation |
Navigation and
Click-stream Data: Data passively generated by
browsing the Web site -- such as which pages are visited, and how long users
stay on each page. |
Information
generated by browsing the Web site, such as which
pages are visited, and how long an individual stays on each page. |
Which pages you
visited on this web site and how long you stayed
at each page |
|
agree with you |
| |
interactive |
Interactive
Data: Data actively generated from or reflecting
explicit interactions with a service provider through its site -- such as
queries to a search engine, or logs of account activity. |
Information
generated from or reflecting explicit interactions
with the Web site, such as queries to a search engine, or logs of account
activity. |
Activities you
engaged in at this web site, such as searches you
performed or logs of account activity |
|
agree with you |
| |
demographic |
Demographic and
Socioeconomic Data: Data about an individual's
characteristics -- such as gender, age, and income. |
Demographic and
socioeconomic data, , such as gender, age, and
income, not tied to an identifiable person. |
Your demographic
and socioeconomic data, such as gender, age,
geographic region, and income |
|
agree with you |
| |
content |
Content : The
words and expressions contained in the body of a
communication -- such as the text of email, bulletin board postings, or chat
room communications. |
The words and
expressions contained in the body of a
communication. For example, the text of an e-mail message, bulletin board
postings, or chat room communications. |
The text of
email you send to this site, bulletin board
postings, chat room communications, etc. |
|
agree with you |
| |
state |
State Management
Mechanisms: Mechanisms for maintaining a stateful
session with a user or automatically identifying users who have visited a
particular site or accessed particular content previously -- such as HTTP
cookies. |
Mechanisms, such
as HTTP cookies, for maintaining an active
connection with an individual or for automatically identifying an individual
who has visited a particular site or previously accessed particular
content. |
Cookies and
related mechanisms |
|
Cookies and
related mechanisms for identifying an individual
on a web site. |
| |
political |
Political
Information: Membership in or affiliation with
groups such as religious organizations, trade unions, professional
associations, political parties, etc. |
Information
about membership in or affiliation with groups
such as religious organizations, trade unions, professional associations,
political parties, etc. |
Groups you are a
member of such as religious organizations, trade
unions, and political parties |
|
agree with you |
| |
health |
Health
Information: information about an individual's
physical or mental health, sexual orientation, use or inquiry into health
care services or products, and purchase of health care services or
products. |
Information
about an individual's physical or mental health,
sexual orientation, use of or inquiry into health care services or products,
and purchase of health care services or products. |
Your health
information, including information about purchases
of healthcare products and services |
|
agree with you |
| |
preference |
Preference Data:
Data about an individual's likes and dislikes --
such as favorite color or musical tastes. |
Data about an
individual's likes and dislikes, such as favorite
color or musical tastes. |
Your preferences |
|
agree with you |
| |
location |
Location Data:
Information that can be used to identify an
individual's current physical location and track them as their location
changes -- such as GPS position data. |
Information,
such as global positioning data, that can be used
to identify an individual's current physical location and track him as his
location changes. |
Your current
physical location |
|
agree with you |
| |
government |
Government-issued
Identifiers: Identifiers issued by a government
for purposes of consistently identifying the individual. |
Identifiers
issued by a government for purposes of identifying
an individual over time, such as a driver s license number, social security
number, or passport number. |
Government-issued
identifiers such as social security numbers |
|
agree with you |
| |
other-category |
Other: Other
types of data not captured by the above
definitions. (A human readable explanation should be provided in these
instances, between the and the tags.) |
Other: %User
Agents display the policies string here% |
Other types of
data: [include site's human, readable explanation;
if site omits human-readable explanation say "not described by
site"] |
|
agree with you |
| |
optional
(attribute of data elements) |
indicates
whether or not the site requires visitors to
submit this data element to access a resource or complete a transaction |
|
|
|
|
| |
no |
the data element
is not optional (it is required) |
|
[append to data
element or category] (optional) |
|
|
| |
yes |
the data element
is optional |
|
|
|
|
| |
required
(attribute of purpose and recipients elements) |
Whether the
purpose is a required practice for the site. |
|
|
|
|
| |
always |
The
purpose/recipient is always required; users cannot
opt-in or opt-out of this use of their data. |
|
|
|
|
| |
opt-in |
Data may be used
for this purpose/recipient only when the user
affirmatively requests this use -- for example, when a user asks to be added
to a mailing list. An affirmative request requires users to take some action
specifically to make the request. For example, when users fill out a survey,
checking an additional box to request to be added to a mailing list would be
considered an affirmative request. However, submitting a survey form that
contains a pre-checked mailing list request box would not be considered an
affirmative request. In addition, for any purpose that users may
affirmatively request, there must also be a way for them to change their
minds later and decline -- this MUST be specified at the opturi. |
|
[append to
purpose/recipient] -- only if you request this |
|
|
| |
opt-out |
Data may be used
for this purpose/recipient unless the user
requests that it not be used in this way. When this value is selected, the
service MUST provide clear instructions to users on how to opt-out of this
purpose at the opturi. Services SHOULD also provide these instructions or a pointer
to these instructions at the point of data collection. |
|
[append to
purpose/recipient] -- unless you opt-out |
|
|
|
|
|
|
|
|
|