November 18th, 2020


1. I wish to have contest back at my child-directed web site. May I make use of the Rule’s “one-time contact” exception to previous consent? That is parental, in the event that you precisely design your competition. You might use the “one time contact” exception in the event that you gather children’s online contact information, and just these records, to enter them within the competition, then only contact such kiddies as soon as once the competition comes to an end to alert them whether they have won or lost. At that time, you have to delete the online email address you have got gathered.

If, nonetheless, you anticipate to get hold of the children several time, you have to utilize the “multiple-contact” exception, for which you should also collect a parent’s online contact information and supply moms and dads with direct notice of the information methods and a chance to decide down. The Rule prohibits you from using the children’s online contact information for any other purpose, and requires you to ensure the security of the information, which is particularly important if the contest runs for any length of time in either case.

If you want to gather any information from children online beyond online contact information regarding the contest entries – such as for example gathering a winner’s home target to mail a prize – you have to first offer moms and dads with direct notice and get verifiable parental permission, while you would for any other forms of information that is personal collection beyond online contact information. Should you choose have to get yourself a mailing address and wish to stay inside the one-time exception, you might ask the kid to offer their parent’s online contact information and use that identifier to alert the parent in the event that kid wins the contest. In your reward notification message towards the parent, you could ask the moms and dad to give a true home mailing target to deliver the reward, or ask the parent to phone a phone number to give the mailing information.

2. We have a child-directed internet site that comes with an “Ask the Author” part where young ones can e-mail concerns to featured writers. Do i must offer notice and acquire parental consent?

Then delete the child’s email address (and do not otherwise maintain or store the child’s personal information in any form), then you fall into the Rule’s “one-time contact” exception and do not need to obtain parental consent if you simply answer the child’s question and.

3. We provide e-cards while the ability for young ones to forward components of interest with their buddies on my child-directed software. Am I able to make the most of one of the Rule’s exceptions to consent that is parental should I notify moms and dads and acquire consent with this activity?

The response depends upon the method that you design your e-card or forward-to-a-friend system. Any system providing any possibility to expose information that is personal other than the recipient’s email address calls for you to definitely get verifiable consent through the sender’s moms and dad (not email plus), and doesn’t fall within certainly one of COPPA’s restricted exceptions. Which means that then you must notify the sender’s parent and obtain verifiable parental consent before collecting any personal information from the child if your e-card/forward-to-a-friend system permits personal information to be disclosed either in the “from” or “subject” lines, or in the body of the message.

To be able to make the most of COPPA’s contact that is“one-time” for the e-cards, your online type might only gather the recipient’s email (and, if desired, the transmitter or recipient’s first title); you might not gather just about any information that is personal either through the transmitter or perhaps the receiver, including persistent identifiers that track an individual with time and across sites. More over, to be able to meet this one-time contact exclusion, your e-card system must not let the transmitter to enter her complete name, her e-mail address, or the recipient’s complete name. Nor may you enable the sender to easily type messages either in the subject line or in any text industries for the e-card.

Finally, you ought to deliver the e-card straight away and immediately delete the recipient’s email just after delivering. Then this collection parallels the conditions for the Rule’s “multiple contact exception” for obtaining verifiable parental consent if you choose to retain the recipient’s email address until some point in the future (e.g., until the e-card is opened by the recipient, or you allow the sender to indicate a date in the future when the e-card should be sent. In this situation, you have to gather the sender’s parent’s email target and supply notice and a chance to opt away to the sender’s moms and dad before the e-card is delivered. See 1999 Statement of Basis and Purpose, 64 Fed. Reg. 59888, 59902 n. 222.

4. I would really like to collect current email address, but no other really distinguishing information, inside my website’s registration procedure. We plan to utilize the current email address limited to the goal of supplying password reminders to users whom enroll to my site. Do I first need certainly to offer notice and obtain parental consent before gathering a child’s email address?

If you intend to hold the child’s email address in retrievable kind following the initial collection, to be used, as an example, to e-mail kiddies reminders of these passwords, then chances are you must definitely provide notice to zoosk review moms and dads together with possibility to choose away beneath the Rule’s multiple-contact exception. See 16 C.F.R. § 312.5(c)(4).

Nonetheless, you might collect a child’s email address to be utilized to authenticate the kid for purposes of producing a password reminder without very first delivering parental notice and offering a moms and dad the chance to decide out in the event that you meet the next conditions: (1) that you don’t gather any information that is personal from the son or daughter other than the child’s email; (2) the child cannot reveal any information that is personal on the site; and (3) you instantly and completely affect the email address (age.g., through “hashing”) so that it can only just be applied as being a password reminder and should not be reconstructed into its initial type or used to contact the little one. You need to explain this method in a definite and manner that is conspicuous both during the point of collection as well as in your site’s online privacy policy, which means your users and their moms and dads are informed regarding how the e-mail details will likely to be utilized. This may avoid confusion by site visitors yet others whom may otherwise assume that the web site is improperly gathering and keeping e-mail details with no kind of parental notice.


(0) (0) (0)

  1. No comments yet.
  1. No trackbacks yet.