Last updated February 24, 2021
What is the PRIVO iD Platform
The PRIVO iD Platform, (aka PRIVO-Lock) is an identity and consent management platform owned and operated by Privacy Vaults Online, Inc. d/b/a PRIVO®. The PRIVO iD Platform (the Platform) is a third-party service provider for websites, apps and connected toys handling account creation and managing consent on their behalf. It also includes the PRIVO iD (PiD), a privacy enhanced single sign on for parents and families.
PRIVO is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
What does powered by PRIVO iD mean?
The powered by PRIVO iD (PiD) symbol indicates that the site or service uses PRIVO's technology solution, but it is not operated by PRIVO. The solution enables a parent to give permission to an online property to legally collect personal information (e.g., email addresses, SMS identifiers, photos or audio) from a child, or to allow the child access to community features where they may post, share or communicate their personal information with others.
The PRIVO iD Platform utilizes a sliding scale for verification and authorization which adapts to the specific data use and disclosure risk associated with the feature the child seeks to access. By using this sliding scale, the PRIVO iD Platform offers a solution that is tailored to the specific features an online property offers, making parental verification easy, convenient and scalable.
What is a PRIVO iD (PiD) Account?
A PRIVO iD account (PiD) is part of the PRIVO iD Platform suite of services. A PiD account is a secure online log-in credential that can be used on sites and services in the PRIVO iD network. Only COPPA compliant services and those that have met the requirements of the PRIVO Privacy Assured Programs are included in this network. PiD account holders have a dashboard that allows parents to manage consent and users to control their settings. Adults, teens and children can create their own PiD account on myPRIVO.
What is myPRIVO?
myPRIVO is a website that hosts a direct PRIVO iD registration process and showcases information on members of PRIVO's FTC approved COPPA Safe Harbor and Kids Privacy Assured programs. Account holders can manage their PiD account on myPRIVO.
Information we collect for PRIVO iD
Parents have the option to provide PRIVO with a minimum set of information about each of their children, including:
Parents have the option to verify by providing:
PRIVO uses third-party providers to verify this information and does not use it for any other purpose but verifying your identity. Depending on the method you use to verify, PRIVO may retain the last four digits of your credit card, SSN or driver’s license.
For more information on these third-party service providers see here.
Parents may also provide PRIVO with verifiable parental consent through an offline method, such mailing, faxing or emailing a signed form to PRIVO or calling the PRIVO Customer Service number.
When you have completed the registration process, parents and any child(ren) added will each receive a PiD account. This iD allows parents and their child(ren) to log into any site or service that is using the PRIVO iD Platform more quickly and easily.
Information We Collect for a Website or App that Uses The PRIVO iD Platform
A child may begin the registration process for an account on a site or service that uses the Platform such as a child-directed website or mobile app. On behalf of the site or service, PRIVO collects the following from children:
The following information may also be collected from time to time:
Third Party Service Providers
PRIVO works with a number of third-party service providers solely to support our services. Information shared with these third parties is not used for any other purposes. For more information on these providers please click here.
What We Do With The Information You Provide
PRIVO only uses information collected directly from you for the purposes stated. The information is used to facilitate registration on sites and services and to process verifiable parental consent when required by law.
We will also use your information to update you about changes to our policies and to give you information about additional products and services we, or one of our clients, may offer. With your explicit consent, we may share your information with trusted third parties who offer products or services we believe you may find interesting. After opting in, if you do not want us to disclose your information in such a manner, you may opt out of disclosure by following the procedures described in the next section. At any time, you can opt-out of these communications and/or control your communications settings in your account profile.
Control Over Your Information and the Information of Your Child
When you provide us with consent for you and/or your child to participate at a site or service using the Platform we give you the option to agree to the collection and use by ourselves and our client of your child’s personal information for internal purposes, without having to agree to the disclosure of your child’s information by us or our client to unaffiliated third parties.
To manage your information, or the information we maintain about your child, sign in with your PiD and click “Manage Accounts”. There, you will be able to see all the permissions you have set for your child, access the personally identifiable information that PRIVO has collected from you or your child, correct factual errors in such information, can request to have this information deleted or request that we no longer collect or maintain such information. To protect your child’s privacy and security online, we will take reasonable steps to help verify your identity before granting you access to the personal information that we collect and maintain about you or your child.
We retain the personal information we collect as long as reasonably necessary to provide the service. If a parent or child requests to delete their information this request will be met within 30 days unless there is a legal requirement to retain the information.
Passively Collected Data
PRIVO does not track you, that is, it does not collect personally identifiable information about your online activities over time and across third-party web sites or online services. myPRIVO does not employ technology that responds to browser signals that permit users to limit tracking.
PRIVO uses generally accepted security measures and safeguards and requires that the third parties it works with agree to do the same. The measures and safeguards include limiting access to the data to those persons who need it to complete their work for PRIVO.
PRIVO may host the registration pages of sites and services that use the Platform. All data is transmitted through an SSL transmission to ensure privacy and security of your family’s information. We have put in place industry standard physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while PRIVO uses reasonable efforts to protect your personal information, we cannot guarantee its absolute security.
Third Party Links
How to update or remove your information
PRIVO keeps your information/content for as long as necessary in providing the services. If you want to opt out of services, review your information, or delete your information, please contact us at email@example.com.
Notice to California Residents
Privacy Vaults Online, Inc., d/b/a PRIVO
17949 Main St., #1025
Dumfries, VA 22026
Attn: Privacy Officer
Note for EU Citizens
PRIVO complies with the rights given to EU Citizens under the General Data Protection Regulation (GDPR). These rights are as follows:
You can action any of these rights by contacting us at: firstname.lastname@example.org
If you are an EU citizen and would like to make a complaint about the way we process your personal data, you can contact the relevant Data Protection Authority (DPA). Please contact us at email@example.com to find out more.
EU-U.S. Privacy Shield Framework
In the context of an onward transfer, a Privacy Shield organization has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Privacy Shield organization shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, PRIVO commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact PRIVO at:
17949 Main St., #1025
Dumfries, VA 22026
Attn: Privacy Officer
PRIVO has further committed to refer unresolved Privacy Shield complaints to JAMS an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
The EU-US Privacy Shield, as a legal basis for transfers of personal data, has been invalidated by a judgement from the Court of Justice of the European Union. However, for as long as PRIVO is self-certified to the Privacy Shield, PRIVO agrees to process EU Data in compliance with the Privacy Shield Principles.