A Beginner's Guide to Reading Privacy Policies
Apr 15, 2021 by Cameryn Gonnella, Compliance Manager, Children’s Advertising Review Unit
BBB National Programs’ Children’s Advertising Review Unit (CARU) reviews child-directed online environments to ensure that children’s data is collected and handled responsibly. As a parent, follow these steps to take a proactive role in your child’s data privacy, using privacy policies as your guide to better understand an online service’s data collection practices.
Step 1: Know What to Look For
COPPA applies to all commercial online services directed to children, including services ranging from websites to mobile apps, to internet-connected “smart toys.” The privacy policies of the services your child interacts with may look very different depending on what they are for. Regardless of what the service is, COPPA requires all privacy policies include the following standard information:
- What types of information is collected from children and what is it used for
- Whether a child can make their personal information publicly available on the service
- Whether the service shares the child’s information with third parties and what those third parties use the information for
- That a parent has the right to review of have deleted, or stop further collection of, the child’s information
- The names and contact information of each operator that collects or handles children’s personal information on the service
Step 2: Know Where to Look
Start at the beginning. Most privacy policies have a short introductory paragraph that identifies the company that operates the service and explains what the service is or does. If a company has multiple services, for example an app developer with multiple apps, this section should tell you which service (or app) the policy applies to. Additionally, privacy policies typically have a table of contents to help you find the specific information you need.
Step 3: Ask Questions