I. EXCEPTIONS TO PRIOR PARENTAL CONSENT

1. I wish to have contest on my child-directed internet site. May I utilize the Rule’s “one-time contact” exclusion to previous consent? That is parental, in the event that you correctly design your contest. You might use the “one time contact” exception then only contact such children once when the contest ends to notify them if they have won or lost if you collect children’s online contact information, and only this information, to enter them in the contest, and. At that time, you have to delete the online contact information you have got gathered.

If, nevertheless, you anticipate to get hold of the children one or more time, you need to make use of the exception that is“multiple-contact” that you can additionally needs to gather a parent’s online contact information and offer parents with direct notice of the information practices and a way to decide down. The Rule prohibits you from using the children’s online contact information for any other purpose, and requires you to ensure the security of the information, which is particularly important if the contest runs for any length of time in either case.

If you want to collect any information from children online beyond online email address regarding the contest entries – such as for example collecting a winner’s house target to mail a reward – you have to first provide moms and dads with direct notice and acquire verifiable parental permission, while you would for any other kinds of information that is personal collection beyond online contact information. You may ask the child to provide his parent’s online contact information and use that identifier to notify the parent if the child wins the contest if you do need to obtain a mailing address and wish to stay within the one-time exception. In your award notification message to your parent, you may possibly ask the moms and dad to deliver home mailing target to deliver the award, or ask the parent to phone a cell phone number to present the mailing information.

2. We have a website that is child-directed comes with an “Ask the Author” part where kiddies can email concerns to highlighted writers. Do i must provide notice and get parental consent?

In the event that you merely answer the child’s question and then delete the child’s email (and don’t otherwise keep or keep the child’s information that is personal www.datingmentor.org/positive-singles-review in virtually any kind), then you belong to the Rule’s “one-time contact” exception and don’t want to get parental permission.

3. We offer e-cards and also the cap cap ability for young ones to forward components of interest to their buddies back at my child-directed application. Am I able to benefit from one of the Rule’s exceptions to consent that is parental should I notify moms and dads and get permission with this activity?

The solution will depend on the manner in which you design your e-card or forward-to-a-friend system. Any system supplying any possibility to expose information that is personal other compared to the recipient’s email calls for you to definitely get verifiable permission through the sender’s parent (not e-mail plus), and will not fall within one of COPPA’s restricted exceptions. This means if the e-card/forward-to-a-friend system allows private information to be disclosed in a choice of the “from” or “subject” lines, or in the human body of this message, you then must alert the sender’s moms and dad and get verifiable parental consent before gathering any information that is personal through the son or daughter.

In order to benefit from COPPA’s “one-time contact exception” for your e-cards, your web type might only gather the recipient’s email (and, if desired, the transmitter or recipient’s very first title); you might not gather just about any information that is personal either through the sender or the receiver, including persistent identifiers that track an individual with time and across sites. Furthermore, so that you can fulfill this one-time contact exclusion, your e-card system should never permit the transmitter to enter her name, her e-mail address, or even the recipient’s complete name. Nor may you let the transmitter to easily type messages in a choice of the line that is subject in any text areas for the e-card.

Finally, you ought to immediately send the e-card and automatically delete the recipient’s email right after delivering. If you choose to retain the recipient’s email address until some part of the near future (age.g., through to the e-card is exposed by the receiver, or perhaps you let the transmitter to point a romantic date as time goes on if the e-card should really be delivered), then this collection parallels the conditions when it comes to Rule’s “multiple contact exception” for getting verifiable parental permission. In this scenario, you need to gather the parent’s that is sender’s target and supply notice and a way to choose off to the sender’s moms and dad ahead of the e-card is delivered. See 1999 Statement of Basis and Purpose, 64 Fed. Reg. 59888, 59902 n. 222.

4. I wish to gather email address, but hardly any other information that is personally identifying within my website’s registration process. I plan to utilize the email limited to the objective of supplying password reminders to users who enroll back at my web site. Do I first need certainly to offer notice and acquire parental permission before gathering a child’s current email address?

If you want to retain the child’s email address in retrievable type following the initial collection, to be utilized, as an example, to e-mail young ones reminders of the passwords, then chances are you must definitely provide notice to moms and dads additionally the chance to decide away underneath the Rule’s multiple-contact exclusion. See 16 C.F.R. § 312.5(c)(4).

Nonetheless, you may possibly collect a child’s email to be used to authenticate the kid for purposes of creating a password reminder without very very first delivering parental notice and providing a moms and dad the chance to choose out that it can only be used as a password reminder and cannot be reconstructed into its original form or used to contact the child if you meet the following conditions: (1) you do not collect any personal information from the child other than the child’s email address; (2) the child cannot disclose any personal information on your website; and (3) you immediately and permanently alter the email address (e.g., through “hashing”) such. You need to explain this method in a clear and manner that is conspicuous both in the point of collection plus in your site’s online privacy policy, which means that your users and their moms and dads are informed how the e-mail details are going to be utilized. This may avoid confusion by site site visitors yet others whom may otherwise assume that the web web site is improperly gathering and keeping e-mail details without having any as a type of parental notice.