Three important guidelines for any webstte or app: (1) design privacy into your service, (2) provide privacy choices at a relevant time and context, (3) disclose to your users how you collect and use data. See this article for more info: http://tudorlawfirm.com/mobile-developers-how-to-stay-compliant/
Like most policies, this is a take-or-leave it contract. Although users can't negotiate it, a policy that is onerous to the user will become bad for public relations. Whenever a website collects information, the website operator has to secure that information and to dispose of it properly. Compliance with applicable FTC, HIPAA, COPPA, GLBA, EU Safe Harbor and other regulations is critical to avoid hefty fines.
The information we collect
In General. We may collect personal information that can identify you such as your name and email address and other information that does not identify you. When you provide personal information through our website, the information may be sent to servers located in the United States and other countries around the world.
Information you provide. We may collect and store any personal information you enter on our website or provide to us in some other manner. This includes identifying information, such as your name, address, email address, and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date or other financial information). We also request information about your interests and activities, your gender and age, and other demographic information such as your hometown or your username.
So OkCupid collects (1) personal information, and (2) financial information that the user provides. As a website operator, ask yourself what kind of information you will collect, and who provides it.
Information from other sources. OkCupid is a part of the IAC family of businesses (please see www.iac.com), which as of the date of this policy includes Match.com, Ask.com, Citysearch, ServiceMagic, Pronto, Shoebuy, College Humor, and many others companies and websites. We may periodically obtain both personal and non-personal information about you from other IAC businesses, business partners, contractors and other third parties and add it to our account information or other information we have collected.
The plot thickens here. OkCupid not only collects information from you, but it gathers information that you've posted on any other one of the approximately 150 brands that falls under the IAC umbrella. Moreover, it seems that OkCupid gathers your information from "partners, contractors and other third parties" to their database. That could be an enormous amount of information. In fact, this language is so broad that the sources of information seem unlimited. User can take it or leave it.
Information about others. We may collect and store personal information about other people that you provide to us, such as their name, address and email address. If you use our website to send others (friends, relatives, colleagues, etc.) a product as a gift, we may store your personal information, and the personal information of each such recipient in order to process those requests or facilitate future activities.
The plot thickens even more! The user agrees to let OkCupid gather information about the people the user interacts with through the OkCupid website. This is extremely broad and onerous to the user (yet OkCupid's user base is growing at an exponential rate). I suspect this can become a huge issue. How can OkCupid ask the user for permission to obtain a third party's information? They're asking permission from the wrong party. If I were a website operator, I would stay away from this language.
Information collected automatically. We automatically collect information from your browser when you visit our website. This information includes your IP address, your browser type and language, access times, the content of any undeleted cookies that your browser previously accepted from us (see "Cookies" below), and the referring website address.
The problem with not accepting cookies is that the user can't use many of the features of the website. The user needs to understand that if they want a personalized experience, they will have to accept cookies. In all fairness, there is no other way to personalize the experience except by obtaining this kind of information. The bigger issue is what the operator does with the data, not the fact that the operator collects it.
Cookies and Use of Cookie Data. When you visit our website, we may assign your computer one or more cookies, to facilitate access to our site and to personalize your online experience. Through the use of a cookie, we also may automatically collect information about your online activity on our site, such as the web pages you visit, the time and date of your visits, the links you click, and the searches you conduct on our site. During your visits to other websites where we advertise, we (or third parties) may use certain data collected on our site to show you the type of OkCupid.com advertisements likely to be of greater interest to you. Although you may not opt out of receiving online advertisements generally, you may control the collection of data on our site used for targeted OkCupid.com advertising during your visits to other websites. To opt-out of OkCupid.com data collection for targeted advertising on other sites, click here: Opt Out Now. Most browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies. If you choose to decline cookies, please note that you may not be able to sign in or use some of the interactive features offered on our website. Other cookies may reflect de-identified demographic or other data linked to the registration data you have submitted to us, e.g., your email address, in hashed, non-human readable form. No personally identifiable information is contained in these cookies. To opt-out of these cookies, please go to http://www.aboutads.info/choices.
Other Technologies. We may use standard Internet technology, such as web beacons and other similar technologies, to track your use of our site. We also may include web beacons in advertisements or email messages to determine whether messages have been opened and acted upon. The information we obtain in this manner enables us to customize the services we offer our website visitors to deliver targeted advertisements and to measure the overall effectiveness of our online advertising, content, programming or other activities.
Information collected by third-parties. We may allow third-parties, including our authorized service providers, IAC companies, advertising companies and ad networks, to display advertisements on our site. These companies may use tracking technologies, such as cookies, to collect information about users who view or interact with their advertisements. Our website does not provide any personal information to these third parties. This information allows them to deliver targeted advertisements and gauge their effectiveness. Some of these third-party advertising companies may be advertising networks that are members of the Network Advertising Initiative, which offers a single location to opt out of ad targeting from member companies (www.networkadvertising.org).
So OkCupid is telling the user that they will allow advertisers to use their own technologies to collect user information. If you don't accept OkCupid's cookies, then you can't sign in, if you accept cookies then any third party authorized by OkCupid to advertise can use their own tracking technologies to collect information about users who interact with the advertisements. This is why OkCupid is free. However, OkCupid limits the information that advertisers have access to. Advertisers cannot get user personal information.
How we use the information we collect
In General. We may use information that we collect about you to:
- deliver the products and services that you have requested.
- manage your account and provide you with customer support.
- perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others.
- communicate with you by email, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us, other IAC companies or other third parties.
- develop and display content and advertising tailored to your interests on our site and other sites.
- verify your eligibility and deliver prizes in connection with contests and sweepstakes.
- enforce or exercise any rights in our terms and conditions.
- manage our business.
- provide our advertisements to you when you visit other sites.
- perform functions as otherwise described to you at the time of collection.
- register you with and display your profile on other online dating and other social websites owned by IAC, such as match.com and websites operated by People Media.
Financial information. We may use financial information or payment method information to process payment for any purchases made on our website, enroll you in the discount, rebate, and other programs in which you elect to participate, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.
Job applicants. If your personal information is submitted through our website when applying for a position with our company, the information will be used solely in connection with considering and acting upon your application. We may retain your personal information for a period of time, but only for the purpose of considering your application for current or future available positions. This information, which may include your name and contact information, prior education and experience, and other information you provided to us, may be shared with other IAC companies for the purpose of evaluating your qualifications for the particular position or other available positions, as well as with third-party service providers retained by us to collect, maintain and analyze candidate submissions for job postings.
Since the website has a "Careers" section through which it collects information, OkCupid needed to specify what it does with that information. This policy takes in account all their information-collecting activities, and so should any other website operator. If it doesn't apply, don't put it in, and if it applies in the future, modify it then.
Please review Your choices about collection and use of your information below.
With whom we share your information
Expect this to be "almost everybody" since the service is free. See below what is the equivalent of "we don't share personal information with anyone.... except we'll share with almost everyone." The Terms and Conditions that this policy refers to says ""[y]ou should appreciate that all information submitted on the Website might potentially be publicly accessible."
Personal information. We do not share your personal information with others except as indicated below or when we inform you and give you an opportunity to opt out of having your personal information shared. We may share personal information with:
Service providers: We may share your personal information, which may include your name and contact information (including email address), with third parties that perform certain services on our behalf. These services may include fulfilling orders, providing customer service and marketing assistance, performing business and sales analysis, member screenings, supporting our website functionality, and supporting contests, sweepstakes, surveys and other features offered through our website. We may also share your name, contact information and credit card information with our authorized service providers who process credit card payments. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes.
The PCI compliance regulations don't allow sharing of user's financial information except for the purpose of processing payments.
Other IAC businesses. We are part of the IAC family of businesses (go to www.iac.com for a listing of these businesses). IAC’s businesses include the online dating websites match.com, chemistry.com, singlesnet.com, datehookup.com and the websites operated by People Media (ourtime.com, seniorpeoplemeet.com, blackpeoplemeet.com and other sites listed on peoplemedia.com). We may share information we collect, including your profile and personal information such as your name and contact information, photos, interests, activities and transactions on our website, with the IAC companies. As part of our online service, your profile may be registered on and/or appear in search results or other areas of other online dating websites owned by IAC. All IAC companies comply with the IAC Consumer Privacy statement.
Regarding my earlier comment about the risk of signing up users for services that have different privacy policies, OkCupid is promising that all privacy policies comply with a "master" IAC consumer privacy statement. They are essentially saying that if you are agreeing to the OkCupid privacy statement, you have "seen" all the compliant privacy statements of all other IAC businesses. Hopefully all IAC businesses work hard at keeping all their privacy statements compliant. Otherwise OkCupid cannot stand behind this promise. Even if all those privacy policies are compliant, should the policies differ, I see many issues with signing up users to policies they have not actually seen. OkCupid is a very profitable business, so they probably hire many attorneys to deal with compliance issues. Needless to say this model is not fit for a small startup.
Business partners: When you make purchases on our website or click-through our advertisements offered on third party websites, we may share personal information with the businesses with which we partner to offer you the applicable products, services or advertisements. When you elect to engage in a particular merchant's offer or program, you authorize us to provide your email address and other information to that merchant.
Either the user or OkCupid provides this information, and here the user agrees that OkCupid will provide this pre-filled information. The problem with this paragraph is that the language "...and other information to that merchant" is extremely vague and all-encompassing. So long as the user makes a purchase from the advertiser, OkCupid will provide any personal information about the user.
Other Situations. We also may disclose your information, including personal information:
In response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us.
The disclosure of this type of information is compelled by law.
When we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our website terms and conditions or other agreements or policies.
Same as previous comment.
In connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.
Here, the acquiring company needs the personal information because it represents the biggest OkCupid asset. In the event of bankruptcy, the trustee has the authority to gather the assets and create a bankruptcy estate.
Anonymized and non-personally-identifiable information. We may share non-personally-identifiable information we collect under any of the above circumstances. We may also share it with IAC companies and third parties to develop and deliver targeted advertising on our website and on websites of third parties, and to analyze and report on advertising you see. We may combine non-personally-identifiable information we collect with additional non-personally-identifiable information collected from other sources. We also may share anonymized, non-personally-identifiable information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business and other analysis.
Essentially OkCupid can do anything they want with non-personally-identifiable information.
How you can access your information
What does OkCupid do with the data when you delete or disable your account? They retain your data for purposes that are very vague. To know what happens with any information user submitted to a third party, go read the third party's policies.
Your choices about collection and use of your information
You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our website because such information may be required in order for you to register as a member; purchase products or services; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions on our website.
Again, if user doesn't disclose information, then the user can't really use the website. The business transaction is essentially "give me your personal information and I'll give you a free dating website."
At any time you can choose to no longer receive commercial or promotional emails from us by submitting this request to [email protected] You may be given the opportunity, in any commercial email that we send to you, to opt out of receiving such messages in the future. We request a reasonable time to process an opt-out request. We may send you other types of transactional and relationship email communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account, or otherwise opting out of receipt of promotional email communications, will only affect future activities or communications from us. If we have already provided your information to a third party (such as a service provider) before you have changed your preferences or updated your information, you may have to change you preferences directly with that third party.
Whatever information OkCupid provided to third parties is "outside the jurisdiction" of OkCupid. User should go to the third party and modify information sharing and notification preferences there.
You can also control information collected by cookies. See Cookies below for information about declining or deleting cookies.
How we protect your personal information
We take appropriate security measures (including physical, electronic and procedural measures) to help safeguard your personal information from unauthorized access and disclosure. We want you to feel confident using our website to transact business. However, no system can be completely secure. Therefore, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information, searches, or other communications will always remain secure. Users should also take care with how they handle and disclose their personal information and should avoid sending personal information through insecure email. Please refer to the Federal Trade Commission's website for information about how to protect yourself against identity theft.
OkCupid promises to protect personal information. But this "protection" is almost meaningless to the user when the user agrees to share it with "nobody except almost everybody." However, OkCupid promises to protect the information from everyone else: "almost nobody." As long as OkCupid does that, they fulfill their obligation. Users, it's your responsibility to read the policy, and you can take it or leave it.
Information you provide about yourself while using our service
We provide areas on our websites where you can post information about yourself and others and communicate with others or upload content such as photographs. Such postings are governed by our Terms & Conditions. In addition, such postings may appear on other websites or when searches are executed on the subject of your posting. Also, whenever you voluntarily disclose personal information on publicly-viewable web pages, that information will be publicly available and can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information.
Again, the Terms and Conditions say "[y]ou should appreciate that all information submitted on the Website might potentially be publicly accessible." So if you don't want pictures of your washboard abs on the net, don't put them up.
Although our website is a general audience site, we restrict the use of our service to individuals age 18 and above. We do not knowingly collect personal information from children under the age of 13.
Visiting our websites from outside the United States
No Rights of Third Parties
How to contact us
8300 Douglas Avenue, Suite 800
Dallas, Texas 75225
© IAC/InterActiveCorp. All rights reserved.
Cookies: A cookie is a small text file that is stored on a user's computer for record keeping purposes. Cookies can be either session cookies or persistent cookies. A session cookie expires when you close your browser and is used to make it easier for you to navigate our website. A persistent cookie remains on your hard drive for an extended period of time. Cookies on our website do not link to or store your personal information.
For example, when you sign in to our website, we will record your user or member ID and the name associated with your user or member ID in the cookie file on your computer. We also may record your password in this cookie file, if you indicated that you would like your password saved for automatic sign-in. For security purposes, we will encrypt any usernames, passwords, and other user or member account-related data that we store in such cookies. In the case of sites and services that do not use a user or member ID, the cookie will contain a unique identifier. We may allow our authorized service providers to serve cookies from our website to allow them to assist us in various activities, such as doing analysis and research on the effectiveness of our site, content and advertising.
You may delete or decline cookies by changing your browser settings. Click "Help" in the toolbar of most browsers for instructions. If you do so, some of the features and services of our website may not function properly.
Opting-Out of Advertising Cookies. You may opt out of our data collection for use by third party ad companies to provide targeted OkCupid.com advertising to you when you visit other sites. Cookies are unique to each computer. Therefore, you must opt out separately on all computers you use. If you delete all of your cookies (specifically, the "Opt-Out" cookie), you will have to go through the opt-out process again to reactivate your opted-out status. You can opt out of receiving such advertising-related cookies by clicking below:
Web Beacons: Web beacons (also known as clear gifs, pixel tags or web bugs) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users or to access cookies. Unlike cookies which are stored on the user's computer hard drive, web beacons are embedded invisibly on the web pages (or in email) and are about the size of the period at the end of this sentence.
Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages and to understand usage patterns. We also may receive an anonymous identification number if you come to our site from an online advertisement displayed on a third-party website. Third parties may use anonymous information about your visits to our site and other websites in order to improve its products and services and provide advertisements about goods and services of interest to you.