Most of our online services are intended for users of all ages. This section outlines the Open Insulin Foundation’s information practices in the United States with respect to personal information (as defined by the Children’s Online Privacy Act (“COPPA”)) collected on online from services directed to children under the age of 15 or from children who we have actual knowledge are under the age of 15 (“child” or “children”). For more information about COPPA see FTC - Children's Privacy.
If we knowingly collect personal information on a child-directed service or from a user we have actual knowledge is a child, we will retain that information only so long as reasonably necessary to 1) fulfill the request or allow the child to participate in the activity, 2) ensure the security of our users and our online services, and/or 3) as required by law. If we learn we have collected personal information from a child in a manner inconsistent with COPPA’s requirements, we will either delete that personal information or seek parental consent.
If an online service seeks to collect personal information from a child that is not subject to an exception under COPPA, we will first ask for a parent or guardian’s consent to that collection as required by law.
Our online services directed to children may collect the following information from children for the purposes described:
Registration Information: Children may be able to register with an online service to view content, participate in contests, play games and more. We may ask the child to provide a screen name (that does not include the child’s name) and password. We may also request information for notification purposes, such as a parent or guardian’s email address, the child’s first name and gender, and birth date. We may ask for a child’s email address for purposes of generating a password reminder. In such cases, unless we otherwise obtain consent or notify the parent of ongoing communications (as discussed below), we will hash such an email address such that it can only be used as a password reminder and cannot be used to contact the child.
Email Address for One-Time Response: We may ask for a child’s email address or other online contact information in order to respond to a question or request from a child. We will delete this information after responding to the question or request. If an online service allows children to create accounts by providing a name and email address, we will first seek parental consent as required by COPPA.
Email Address for Newsletters or Other Ongoing Communications: Our online services may offer ongoing communications to our users, such as newsletters or show updates. In such circumstances, we may collect a child’s email address or other online contact information, along with a parent’s email address. We will notify the parent via email about the collection and use of the child’s information and provide the parent an opportunity to prevent further contact with the child.
Contests and Sweepstakes Entry Information: Our online services may feature contests or sweepstakes and seek information necessary for a child to participate in such contests, including the child’s first name and parent’s email address to notify the parent (as required by law). If the child wins the contest, we may contact the parent via email to request information for prize fulfillment.
Information to Obtain Parental Consent: We may ask a child for a parent’s or guardian’s email address or other permissible contact information in order to request consent. If we do not receive parental consent within a reasonable time, we will delete the contact information and any other related information collected from the child. We may conduct other methods of parental consent permitted by COPPA, including obtaining a credit card number and charging a fee (which may be nominal), asking a parent to speak to a customer service representative by phone or video, or requiring submission of a signed consent form.
Persistent Identifiers: Our online services may automatically collect persistent identifiers for internal operations, including to provide and improve our online services, conduct analytics, authenticate users, personalize content, maintain the security and integrity of the service, and to ensure legal or regulatory compliance. Specifically, we may collect Internet protocol or IP address, pages and content visited, the type and version of operating system or web browser, device ID. We, or our third party service providers, may collect this information using HTTP cookies, flash cookies, HTML5 and Flash local storage, web beacons/GIFs, embedded scripts, and ETags/cache browsers (“Cookies”).
We may share or disclose personal information collected from children in the following circumstances:
With our service providers in order for them to perform service on our behalf;
In addition, personal information collected from a child may be shared or publicly posted if we first obtain parental consent.
Parents or guardians may contact firstname.lastname@example.org to review personal information provided by his or her child, have such information deleted, and/or refuse to allow further collection or use of such information, ATTN: Chief Privacy Officer Antony De Franco.