Yes. You can rely upon the RuleвЂ™s exemption from parental consent where you, a service provider, or a third party collects persistent identifier information from users of your child-directed site to perform analytics encompassed by the RuleвЂ™s вЂњsupport for internal operationsвЂќ definition, and the information is not used for any other purposes not covered by the support for internal operations definition, then.
No. The definition of вЂњsupport for internal operationsвЂќ will not consist of advertising that is behavioral. The addition of personalization inside the concept of help for interior operations had been designed to allow operators to steadfastly keep up user driven choices, such as for instance game ratings, or character alternatives in virtual globes. вЂњSupport for internal operationsвЂќ does, however, through the collection or utilization of persistent identifiers associated with serving contextual marketing regarding the site that is child-directed.
The data you gather through the childвЂ™s device utilized to send push notifications is online contact information вЂ“ it allows you to contact the user вЂ“ and is consequently private information underneath the Rule. To your degree the little one has particularly required push notifications, nonetheless, you are in a position to count on the вЂњmultiple-contactвЂќ exception to verifiable parental permission, that you also needs to gather a parentвЂ™s online contact information and offer moms and dads with direct notice of the information methods and the opportunity to opt-out. See FAQ I.2. Significantly, in order to fit through this exclusion, your push notifications must certanly be fairly regarding this content of the application. Should you want to combine this online contact information along with other private information gathered through the son or daughter, you simply cannot depend on this exclusion and must make provision for parents with direct notice and acquire verifiable parental permission ahead of delivering push notifications to the little one.
In determining you will need to evaluate whether any exceptions apply whether you must provide notice and obtain verifiable parental consent. Section 312.5(c)(8) of this Rule has a exception to its notice and permission demands where:
If the third-party operator fulfills all those demands, if your internet site doesn't gather information that is personalaside from that included in an exception), you should not offer notice or get permission.
This exclusion does not connect with kinds of plug-ins where in fact the 3rd party collects more details when compared to a persistent identifier вЂ” as an example, where in fact the 3rd party additionally gathers individual opinions or any other user-generated content. In addition, a website that is child-directed count on this exclusion to deal with specific site visitors as grownups and monitor their activities.
If for example the addition of this plug-in satisfies most of the requirements of part 312.5(c)(8) outlined above and/or satisfies another exclusion towards the notice and permission demands into the Rule (see, as an example, the вЂњsupport for interior operations" exception talked about in FAQ J.5 and J.6 above), you don't have to offer notice and acquire verifiable parental permission.