Do I have to disclose in my privacy policy and direct notice my use of “cookies,” “GUIDs,” “IP addresses,” or other passive information collection technologies?
Yes, if you intend to combine the passively collected non-personal information with “personal information.” The Rule defines “personal information” to include individually identifiable information about an individual collected online, including any persistent identifier that is tied to such identifying information. Where, for instance, you maintain a persistent identifier that is tied to a child’s personally identifiable information, it can be used to identify, contact, or locate an individual and thus is considered “personal information” under the Rule. See 16 C.F.R. § 312.2.
Related Questions
- Do I have to disclose in my privacy policy and direct notice my use of "cookies," "GUIDs," "IP addresses," or other passive information collection technologies?
- Does my privacy policy have to disclose my use of cookies, GUIDS, IP addresses, or the fact that I use other passive information collection technology?
- If I am an employer with a group policy, may I share Unums Privacy Notice with my employees who are insureds under the policy?
