siteGuardian Membership Requirements
Step 1: Submit Application to siteGuardian
Step 2: Perform a Site Review
Step 3: Create your Privacy Statement
Step 4: Generate Required Links
Step 1: Submit Application
Our automated service can provide a no-obligation online quotation right now. It only takes a few minutes to determine your fees and responsibilities. Click here to get started.
Step 2: Site Review
Should you feel uncomfortable with the process, our staff is available for consultation at a nominal fee*.
The review is divided into ten steps:
- Make a list of EVERY web page that has a field for user input
- Determine if cookies are used and log their function(s)
- Examine your online advertising policies
- Where is personal information stored
- Create an Anti-Spam message
- For E-commerce applications, who handles your credit-card authorization
- How do visitors access their personal information
- What methods are in place for mailing opt-in/opt-out
- Who is responsible for fielding privacy issues
- How can people contact you
Make a list of ALL pages that collect information
To begin, create a list of all pages on your site that collect any type of user input. Don't worry about links as we'll cover those later.
A few examples are: search box, guest book, shopping cart, or any type of form.
Determine exactly what information is collected, with whom (if anyone) this information is shared, and whether it is stored.
Place your results in a grid similar to figure #1.
Cookies can be temporary (just for the browser session), or persist for a specified period of time. Your webpage will set this "self-destruct date" automatically.
You'll probably have to work with your Web Master to determine the extent of cookie usage. Once discovered, add each cookie to your results grid (see figure #1). Each entry should include the element, type (cookie), data collected, reason for collecting it, and self-destruct date (in days).
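The inventory described above can be started mechanically. The following is an added example, not siteGuardian's own tooling: it lists every input element in a page and every cookie in its response headers, with the cookie lifetime in days, as rows for the results grid. The function names, the sample page and the sample headers are constructed for illustration; data collected and purpose still have to be filled in by the reviewer.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from html.parser import HTMLParser

class InputInventory(HTMLParser):
    """Record every element on a page that accepts user input."""
    def __init__(self):
        super().__init__()
        self.rows = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input":
            kind = (a.get("type") or "text").lower()
            if kind in ("submit", "button", "reset", "image"):
                return  # controls only; they carry no visitor data
            kind += " input"  # hidden inputs are kept: they still send data
        elif tag in ("textarea", "select"):
            kind = tag
        else:
            return
        self.rows.append({"element": a.get("name") or a.get("id") or "(unnamed)",
                          "type": kind, "storage": "to be determined"})

def cookie_row(set_cookie, now):
    """Turn one Set-Cookie header value into a grid row with its lifetime in days."""
    name_value, *rest = [p.strip() for p in set_cookie.split(";")]
    attrs = {k.strip().lower(): v.strip() for k, _, v in (p.partition("=") for p in rest)}
    if "max-age" in attrs:            # Max-Age takes precedence over Expires
        seconds = int(attrs["max-age"])
    elif "expires" in attrs:
        seconds = (parsedate_to_datetime(attrs["expires"]) - now).total_seconds()
    else:
        seconds = None                # no expiry attribute: session cookie
    storage = "browser session" if seconds is None else f"{max(0, round(seconds / 86400))} days"
    return {"element": name_value.split("=", 1)[0], "type": "cookie", "storage": storage}

def build_grid(html, set_cookie_headers, now):
    """Rows for one page: input elements first, then cookies."""
    parser = InputInventory()
    parser.feed(html)
    return parser.rows + [cookie_row(h, now) for h in set_cookie_headers]

# Constructed sample page and Set-Cookie headers (not from a real site).
SAMPLE_HTML = """<form action="/search"><input name="q"><input type="submit" value="Go"></form>
<form method="post"><input type="email" name="email"><input type="hidden" name="campaign">
<textarea name="comments"></textarea><button type="submit">Join</button></form>"""
SAMPLE_COOKIES = ["visit_date=20240101; Max-Age=2592000; Path=/", "sid=abc123; Path=/; HttpOnly",
                  "pref=dark; Expires=Wed, 31 Jan 2024 00:00:00 GMT"]
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
```

Hidden inputs are listed on purpose: they submit data with the form even though the visitor never sees them.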
Does your site host advertising banners, buttons, or text for other companies? It is generally a good idea to create a disclaimer for information that is beyond your control.
Take a good look at your own advertising medium. Do any of your banners, buttons, or text (forms) collect data? If so, treat each one just like a page that collects information. Create a results grid for your advertising and list each item as you would a webpage.
Examine your result grids. Outside of cookies, which should already be listed, define the actual storage source. Create a grid similar to figure #2 which should provide a high-level view of your data map.
It is not necessary to map every record type, just those that relate to personal information. People do not need to know the types of lookups that might be needed to perform a specific task unless that lookup requires information they have provided to you.
Outline the record (or group) that each field belongs to, reason for storing the data, and the duration it is stored.
Create an Anti-Spam Message
It is against our policy for member sites to participate in spamming - the "art" of sending hundreds and thousands of unsolicited email messages.
However, it is completely legal - and ethical - to send targeted bulk mail. One example might be a mailing to all auto dealers in your area. We provide an example (see figure #3) of the required fields for targeted mailings.
Your customers will be more likely to provide their email address if they know you will not abuse it. An anti-spam message generally states that you will not use collected email addresses for any purpose without first consulting the owner.
You may prepare a statement of your own, or use ours.
Get to know your Merchant
Users must be able to update their information
Check your results grid(s) and determine if every stored piece of information is accessible by the user who created it. They must be able to modify or remove personal information.
Most sites use either a web-based form to update/remove, or email.
Forms are generally automated and permit direct access to personal information. Visitors can see what has been collected, then have the option to modify or remove it.
Email can also be used to automatically or manually update information.
Simply stated, customers MUST be able to remove themselves from your mailing list. Approximately 80% of privacy-related complaints are made against websites that fail to control their mailing list.
Depending on the size of your list and frequency of mailings it might be necessary to utilize an automated opt-in/out server. Our member page contains several of the most popular programs.
However, many companies have little or no difficulties managing their lists manually.
Regardless of the method, you must place a disclaimer on every bulk emailing. Each disclaimer must have at least the following:
- Subject line MUST contain ADV: as first four characters if the email is sent as targeted bulk-mail. This is required by law in almost every state and many countries. Targeted bulk-mail is the ONLY form of unsolicited mail acceptable by siteGuardian.
- Body MUST contain at least a contact name and telephone number. We suggest supplying a name, business address, telephone number, and an email link to support. This is also required by law when sending targeted bulk-mail, but it is a good practice to use whenever sending bulk email.
- Closing tag MUST contain an opt-out clause with simple instructions. Recipients who no longer wish to receive future mailings should be able to click on a link and never hear from you again.
It is critical that your mailing lists are maintained regularly. Make sure anyone who wants out is promptly removed.
We have provided several examples (see figure #3) that you may freely copy.
Identify your Support Staff
Who is responsible for fielding questions from your website? It may be a single person or an entire group. There could be a tiered (level) approach to problem resolution, or the buck might stop with you. Regardless, your Privacy Statement needs to identify HOW the resolution process works.
It is our policy to allow the site owners thirty (30) days to resolve a Privacy Complaint. Disclosing who (or what group) handles privacy disputes will make a significant step towards resolution.
Give them your digits
The final piece of an acceptable Privacy Statement will contain contact information. Using the information collected about your support staff, create a list of names, addresses, phone numbers, and email addresses that can be seen by your website visitors.
figure #1: Data Results - use a separate table for each page
| Collection Element | Type | Data Collected | Purpose | Storage |
| --- | --- | --- | --- | --- |
| search field | text input | search queries | send to google search engine | None |
| email field | text input | email address | Option to add visitor to our mailing list | Database |
| computed date | cookie | current date | Used with our stats software to count unique visitors. | 30 days |
figure #2: Data Map
Database Type: DB/2 connected internally via ODBC

| Record | Field | Reason for keeping | Duration |
| --- | --- | --- | --- |
| user | name | needed for login purposes | until removed by user |
| user | password | needed for login purposes | same |
| user | email | used to send password if forgot by user and for periodic mailings to our subscribers | same |
| user | Opt-out | determines if the user does not want to receive our periodic mailings | same |
| webstat | IP Address | used to identify unique users | one year |
| webstat | dateTime | records the time each unique user accessed our site | one year |
figure #3: Email Disclaimers
Example #1: targeted email with a manual process for list removal
Subject: ADV: Car polishing service
Dear auto dealer:
Statistics show that a polished car has a 50% better chance of selling quicker and for more money than non-polished cars. We have reasonable rates and flexible schedules. For more information, please visit our webpage at www.weregonnapolishyourcartoday.com or contact us at your convenience.
Chief of Waxing
Phone: (555) 555-1212
Fax: (555) 555-1212
This message was targeted to local auto dealerships. If it has reached you in error, please accept our apology. As law dictates, further transmissions may be stopped at no cost to you by sending a reply to this email address with the word "remove" in the subject line or by calling our toll-free number.
Example #2: mailing to customers who left their address on your website
Subject: Today's HOT Tip
Armor Airlines (NASQ: ARMAIR):
Company will announce a 30% increase in sales for the last quarter. Analysts believe the stock should rise between three and five points in the next several days. Armor closed yesterday at 11 3/4, up one fifth.
This message was sent unsolicited to members of our Hot Tip Stockwatch organization. If you'd no longer like to receive our daily tips, then simply click HERE
* Fees for staff consultation or investigation are billed at twenty dollars per half-hour. Our consultation service is available to individuals or companies that request assistance. It is purely optional.