Parents | PRIVO

COPPA Safe Harbor Certified

PRIVO is approved by the US Federal Trade Commission (FTC) as an authorized Safe Harbor under the Children's Online Privacy Protection Rule (COPPA). Program members agree to submit to PRIVO’s oversight and consumer dispute resolution process. Members must meet definitive standards to assure that they are fully compliant with COPPA, offering a comprehensive service that includes auditing a digital property as it relates to children's privacy, parental notice and consent, and best practices for safer online communities. In addition to yearly audits and quarterly reviews, PRIVO conducts monitoring and consulting on a regular basis. Such standards must be strictly adhered to in order to ensure safe and responsible online interaction between online properties and children under the age of 13.

PRIVO GDPRkids™ Privacy Assured Program

The PRIVO GDPRkids™ Privacy Assured Program supports child directed services known as Information Society Services under the General Data Protection Regulation, to comply with the requirements of this new legislation. It impacts any child directed service in an EU Member State and any service globally that collects and or processes the personal data of children and minors. There is no safe harbor for the GDPR to date, but our team of privacy experts audit child directed services, provide support to ensure compliance with the regulation and award a Privacy Assured Shield to services that meet the program requirements. PRIVO conducts yearly audits and quarterly reviews, in addition to monitoring and consulting on a regular basis.

Student Digital Privacy Protection

PRIVO helps websites operators, app developers and EdTech companies comply with multiple regulations and best practices with our streamlined Student Digital Privacy Protection Compliance Program. A thorough privacy risk and compliance assessment is conducted. Scanning technology is used, in conjunction with manual reviews to provide Software Monitoring Reports that give a transparent view of the tracking on sites and in mobile applications.

The program includes compliance with the following:

Family Educational Rights and Privacy Act (“FERPA”)
Protection of Pupil Rights Amendment (“PPRA”)
Student Online Personal Information Protection Act (“SOPIPA”)
California AB 1584, Education Code section 49073.1 – Privacy of Pupil Records: 3rd-Party Digital
California Education Code 49073.6 – Collection of Student Information from Social Media
Student Privacy Pledge

PRIVO conducts yearly audits and quarterly reviews, in addition to monitoring and consulting on a regular basis.

The PRIVO iD represents PRIVO's COPPA / GDPR compliant family friendly customer Identity and permission management platform. The solution enables a parent to give permission to an online property to legally collect personal information (i.g., email addresses, SMS identifiers, photos or audio) from a child, or to allow the child access to community features where they may post, share or communicate their personal information with others.

The PRIVO iD Platform utilizes a sliding scale for verification and authorization which adapts to the specific data use and disclosure risk associated with the feature the child seeks to access. By using this sliding scale, the PRIVO iD Platform offers a solution that is tailored to the specific features an online property offers, making parental verification easy, convenient and scalable.

Want to sign up for your free PRIVO iD? Click here

The Children’s Online Privacy Protection Act (COPPA) in the United States requires that operators of websites, apps and other online services must first obtain a parent’s VERIFIABLE permission before they are allowed to collect from a child 12 or under any personally identifiable information (PII). PII might be necessary to engage in activities such as to join or receive alerts from a site, app, game and/or online service. In some cases due to other laws, even a minor (under 18) to engage in activities where they might share their personal information.

The EUs General Data Protection Regulation (GDPR) has set the age of consent at 16, meaning users 15 years and younger need parent consent where applicable. However, member states can choose a younger age down to 13. Developers will need to prove that consent is valid, that it is informed and granular and that they have methods in place to allow parents to exercise their rights in relation to children.