Work in progress as outlined in the
OTA Online Trust Principles and
submitted to the FTC .
This is a conceptual implementation reflecting OTA practices and may or may
not be applicable to other businesses or sites. A
template will be created to include recommended content to consider
and an explanation of what to include in each section. Send comments to
See example with icons
Privacy & Data Collection Statement
in progress, revised Dec 24, 2009)
What is collected?
The Online Trust Alliance
(OTA) may collect unidentified or anonymous information about your
visit to the OTA site including your internet Protocol (IP) address of your computer, the date and time you visited,
browser version, among other anonymous
data points. We also may actively collect other information for our
email list subscriptions, such as your email address and company
information. OTA does not
purchase or use any third party lists. No credit card data is
captured or retained on any OTA servers. When registering for OTA
events, personal information including your name, contact information
and related information is collected.
Who do you share my data with?
No data is ever shared, exchanged or sold to any third
party including OTA member companies or our vendors. Credit card
data is encrypted and provided directly to third party credit card
processors and merchant banks and is never stored or retained by OTA.
Why is this data collected?
1. As part of OTA's
mission, we publish resources, reports and guidelines free of
2. Information is collected
to help improve the Site, analyze trends, and administer the
3. Data for OTA event registrations are retained for
registration, billing, program evaluation and future OTA event
4. Email newsletter subscriptions are mailed approximately once per
month, and limited to news about OTA's initiatives, events, industry
news, business trends and government issues.
How long is the data
1. Web usage and site traffic data is aggregated and
retained for a period of 12 months.
2. Email subscription
data is retained as long as a subscriber maintains membership,
and or the email does not bounce or rejected more than 3 times
over a twelve month period or until a user unsubscribes.
3. Non-engaged subscribers,
(subscribers who do not open or click on their email) may be
removed by OTA from some or all lists which they have subscribed
or signed up for.
How does OTA help secure the data?
1. All data
sent and received is transmitted over secure and encrypted
2. All data storage and backup systems are encrypted.
3. OTA maintains a 24/7 data loss and breach incident plan
4. Use of Extended Validation SSL Certificates (EV SSL) to help provide assurance the site and pages are legitimate.
How can I access my information and how
do I opt-out?
No data is collected which can be attributed
to an individual user. You may access, update and correct the
information OTA has captured and stored as a result of your opt-in
to our email list. If you have opted-in to our email list, you may
opt-out by clicking on the unsubscribe link in the footer of all
email or in the email unsubscribe header rendered by many email
providers including Gmail and Hotmail. Attendees of OTA events are automatically subscribed to
the OTA Newsletter, but no profiling or data sharing is
conducted. More Details>
last updated: 9/22/09
Online Trust Alliance,
(OTA, Inc) is committed to protecting your privacy. By accessing the
Site, you are consenting to the information collection and use practices
described in this privacy statement.
We will ask you when we need information
that personally identifies you (personal information) or allows us to
contact you to provide a service or carry out a transaction that you have
requested such as requesting information about OTA, ordering e-mail
newsletters, joining OTA, signing up for an event or training. The personal
information we collect may include your name, title, company or organization
name, work e-mail, work phone, work or home address, information about your
job function, information about your company, and credit card information.
When you register for an event on our site you are asked for your
name, email address and billing information (such as credit card number and
expiration date). Although the event registration page has the same look
and feel as
may actually submitting registration information to our third party service
provider who then shares the information back with
https://otalliance.org in order to
fulfill your event registration request. Please note that our privacy
statement does apply and that our service provider must treat your personal
information in accordance with our privacy statement. Your security
is important to our third party service provider. When you enter
sensitive information (such as credit card number) on the event registration
form, they encrypt that information using secure socket layer technology
The Site may collect certain anonymous information about your
visit, such as the name of the Internet service provider and the Internet
Protocol (IP) address through which you access the Internet; the date and
time you access the Site; the pages that you access while at the Site and
the Internet address of the Web site from which you linked directly to our
site. This information is used to help improve the Site, analyze trends, and
administer the Site.
Use of Your Personal Information
The personal information collected through our offline forms
will be used to operate the Site and to provide the service(s) or carry out
the transaction(s) you have requested or authorized.
In support of
these uses, OTA may use personal information to provide you with more
effective customer service, to improve the Site and any related OTA products
or services. We may use your personal information to provide you with
important information about the product or service that you are using,
including critical updates and notifications. OTA occasionally hires other
companies, consultants and contractors to provide limited services on our
behalf, such as Web site hosting, packaging, public relations, mailing and,
answering customer questions about products and services, and sending
information about our products, special offers, and other new services. We
will only provide those companies the personal information they need to
deliver the service. They are required to maintain the confidentiality of
the information and are prohibited from using that information for any other
purpose. OTA may disclose personal information if required to do
so by law or in the good faith belief that such action is necessary to (a)
conform to the edicts of the law or comply with legal process served on OTA
or the Site; (b) protect and defend the rights or property of OTA or (c) act
in urgent circumstances to protect the personal safety of OTA employees or
agents, users of OTA products or services, or members of the public.
Control of Your Personal Information
otherwise described in this statement, personal information you provide on
the Site will not be shared outside of OTA without your permission.
Access to Your Personal Information
You can review and
edit the personal information and any contact preferences provided at the
Site by sending e-mail to firstname.lastname@example.org or in writing to:
Online Trust Alliance (OTA)
9057 Points Drive NE
Clyde Hill WA,
Security of Your Personal Information
OTA is committed to protecting the security of your personal
information. We use a variety of security technologies and procedures to
help protect your personal information from unauthorized access, use, or
disclosure. For example, we store the personal information you provide on
computer servers with limited access that are located in controlled
facilities. Additionally, we use Secure Socket Layer (SSL) protocol and
Extended Validation SSL Certificates on our
site to help ensure safety of the information being transmitted while
logged into your Membership account.
use both session ID and persistent cookies. We use session cookies to
make it easier for you to navigate our site. A session ID cookie expires
when you close your browser. A persistent cookie remains on your hard drive
for an extended period of time. You can remove persistent cookies by
following directions provided in your Internet browser’s “help” file.
Persistent cookies enable us to track and target the interests of our users
to enhance the experience on our site including access to our member’s only
area. We do not link the information we store in cookies to any
personally identifiable information you submit while on our site.
our privacy statement. We do not have access or control over these
cookies. Our partners and service providers may utilize session ID
cookies to make it easier for you to navigate our site, in order for you to
register for events, pay membership dues, etc.
This Privacy Statement
We may occasionally update this privacy
statement. When we do, we will also revise the "last updated" date at the
top of the privacy statement. For material changes to this privacy
statement, we will notify you either by placing a prominent notice on the
home page of our web site or by directly sending you a notification. We
encourage you to periodically review this privacy statement to stay informed
about how we are helping to protect the personal information we collect.
Your continued use of the service constitutes your agreement to this privacy
statement and any updates.
OTA welcomes your comments regarding this privacy statement. If you believe
that OTA has not adhered to this privacy statement, please contact us by
e-mail at email@example.com or via postal mail at the address provided
below, and we will use commercially reasonable efforts to promptly determine
and remedy the problem.
Online Trust Alliance (OTA)
PO Box 803
Bellevue, WA 98009-803
If you no longer wish to
receive our newsletter and promotional communications, you may opt-out of
receiving them by following the instructions included in each newsletter or
communication or by emailing us at
firstname.lastname@example.org or you may contact us at our address above or by
phone at 425-985-1421.
Online Trust Alliance (OTA) is a licensee of the TRUSTe Privacy Program.
TRUSTe is an independent, organization whose mission is to build user’s
trust and confidence in the Internet by promoting the use of fair
information practices. This privacy statement covers the Web site
this Web site wants to demonstrate its commitment to your privacy, it has
agreed to disclose its information practices and have its privacy practices
reviewed for compliance by TRUSTe. If you have questions or concerns
regarding this statement, you should first contact the Privacy Officer at
email@example.com. If you do
not receive acknowledgement of your inquiry or your inquiry has not been
satisfactorily addressed, you should contact TRUSTe at
http://www.truste.org/consumers/watchdog_complaint.php. TRUSTe will
then serve as a liaison with us to resolve your concerns.