- Participants wanting to be certified for collecting PII through an application on a Mobile Device or through a Web site optimized for a Mobile Device must comply with the Minimum Program Requirements and the following:
- Mobile Short Notice
- Participants will provide enhanced notice outside of the Privacy Statement by linking from a TRUSTe icon or text link to a TRUSTe-hosted Short Notice
- The following disclosures will appear within the TRUSTe-hosted Short Notice:
- Whether geo-location data is collected and how geo-location data is used;
- What types of information is collected and how it is used;
- Whether Participant shares PII with Third Parties, including Service Providers;
- How the Individual can exercise choice and request access pursuant to these Program Requirements;
- What tracking technologies are used by the Participant or Third Parties including Service Providers and the purpose for using those technologies;
- What security measures are in place to protect collected information as required in these Program Requirements; and
- How the Individual can contact the Participant, including company name, email address or a link to an online form, and physical address.
- Geo-location Data
- Participant must obtain Express Consent from the Individual the first time Geo-location Data is used by the Participant to provide services.
- Participant may provide additional notifications through a Just in Time Notice or a persistent icon, to remind Individuals that their Geo-location Data is being used by the Participant to provide a service.
- Participant must obtain Express Consent from the Individual prior to the sharing of Geo-location Data with Third Parties other than Service Providers.
- Participant must obtain Express Consent from the Individual prior to any use of Geo-location Data for Secondary Purposes.
- Privacy Statement shall state:
- What information is collected from an Individual’s Mobile Device;
- Whether information is shared with another application installed on the Individual’s Mobile Device;
- How Geo-location Data is used;
- If Geo-location Data is used to create a profile about the Individual;
- How long Geo-location Data is retained;
- What type of Third Parties, including Service Providers is Geo-location Data is shared with and for what purpose;
- How the Individual can restrict the disclosure of Geo-location data to Third Parties; and
- How the Individual can revoke consent to the Participant’s collection and use of Geo-Location Data.
“Geo-location Data” is information obtained through an Individual’s use of a Mobile Device and is used to identify or describe the Individual’s actual physical location at a given point in time.
“Mobile Device” is a portable electronic device which allows the user to process, receive, and send data through a common carrier without being limited to a specific geographical location.
Back to top