Keeping up with current data privacy laws and regulations can be time consuming and expensive. While this content is not legal advice and never meant to take the place of consulting with your own legal counsel, we appreciate that the topics can be challenging to navigate, especially as they relate to changing technologies. This page provides helpful tips, links, and insights related to current industry practices. We recommend each brand create their own best practices and guidelines that fit and follow current privacy legislation. Any fullthrottle.aiTM technology on an Advertiser’s website should include privacy policies deployed and articulated by the Advertiser.
If you are interested in the privacy practices on our fullthrottle.aiTM platform and the data it uses for delivering advertising, click here. If you are interested in our website privacy policy, click here.
fullthrottle.aiTM employs both internal and external best practices and guidelines for data privacy within our company. You can read more about our processes and our SOC2 compliance. We partner with OneTrust for our consent management platform (CMP) to mitigate privacy risks.
View more information in our Privacy Hub, here. For a sample supplement which may be added to an existing privacy policy which encompasses the fullthrottle.aiTM technology, click here.
Privacy Principles
Identified below are commonly accepted Privacy Principles you may want to consider as you communicate out your Privacy Program.
- Clearly identify the information you collect
- Ensure the User consent agreement aligns with the information you collect
- Clearly state the purpose for collecting information
- Identify the length of time you retain information
- Collect only information which aligns to consent agreement
- Handle the information in ways people would reasonably expect and not use it in ways that have unjustified effects
- Ensure information is disposed of appropriately when no longer needed to support the reason it was collected
- Review your consent agreement periodically to ensure it remains aligned with your business needs as technology changes
- Ensure consumers have the ability to change their consent preference, including the ability to opt-out
Companies that prioritize transparency, user control, and data protection are more likely to be recognized for their best privacy practices surrounding first and third-party data.
Provide clear and concise cookie policies: Organizations that use cookies on their websites should provide a clear and concise cookie policy that explains the types of cookies being used, their purpose, and how they will be used.
Obtain consent before activating cookies: Organizations should obtain users' consent before setting cookies. This consent should be explicit and given freely, and users should be provided with an option to opt-out of non-essential cookies.
Provide options for cookie settings: Organizations should provide users with options to manage their cookie settings, such as the ability to opt-out of non-essential cookies or to delete cookies.
Limit the lifespan of cookies: Organizations should limit the lifespan of cookies to the shortest amount of time necessary to achieve their purpose. This helps to minimize the amount of data that is collected and stored.
Keep cookies secure: Organizations should take steps to keep cookies secure, such as encrypting cookies to prevent unauthorized access or tampering.
Regularly review and update cookie policies: Organizations should regularly review and update their cookie policies to ensure they are up-to-date and accurate.
By following these best practices, organizations can help to protect user privacy and build trust with their users by being transparent about their use of cookies.
Resources and Examples of Consent Management Platforms
A consent management platform (CMP) is a software tool that enables organizations to manage user consents for data processing activities, including the use of cookies, tracking pixels, and other types of online tracking technologies.
A CMP provides a way for website owners to obtain and manage user consent for data processing activities that require it, as required by various data protection regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Rights Act (CPRA).
A CMP typically includes a user interface that allows website visitors to review and control their preferences for data processing activities. It may also include features such as cookie scanning and monitoring, consent logging, and reporting to help organizations demonstrate compliance with applicable regulations.
Overall, a CMP is an important tool for organizations to help ensure that they obtain and manage user consent in a compliant and transparent manner, while also providing users with greater control over their personal data.
OneTrust: OneTrust connects data, teams, and processes for seamless collaboration. Their platform is customizable to fit your needs and offers a variety of trust solutions that include: privacy, Governance, Risk, and Compliance (GRC), ethics, and Environmental, Social, and Governance (ESG). OneTrust’s platform proactively mitigates risk and bridges gaps between teams and workflows. OneTrust offers solutions based on regulations and trust domains here.
Resources for Privacy Best Practices
International Association of Privacy Professionals (IAPP) - The IAPP is a key resource for privacy related information and tracks changes in State level privacy legislation.
General Data Protection Regulation (GDPR) - The GDPR is an EU regulation that governs data protection and privacy. Their website provides information on data subject rights, including the right to opt-in and opt-out of data processing.
California Consumer Privacy Rights Act (CPRA) - The CCPRA is a US law that provides California residents with certain data privacy rights, including the right to opt-in and opt-out of data sharing. Their website provides guidance on how to comply with the CCPRA and best practices for opt-in and opt-out.
Interactive Advertising Bureau (IAB): IAB empowers the media and marketing industries to thrive in the digital economy. They have committees and councils who drive the industry forward, Centers of Excellence who develop guidelines and best practices, and a Tech Lab that produces technical standards and protocols.
Information Commissioner's Office (ICO): The ICO is an independent authority in the UK that promotes and enforces data protection and privacy regulations. Their website provides guidance on cookies and consent, including best practices for obtaining consent and managing cookies.
European Data Protection Board (EDPB): The EDPB is an independent European Union (EU) body that provides guidance on data protection and privacy. Their website provides information on cookies and consent, including best practices for obtaining valid consent and managing cookies.
Digital Advertising Alliance (DAA): The DAA is a US-based industry organization that provides self-regulatory guidelines for digital advertising, including guidelines for the use of cookies and other tracking technologies. Their website provides guidance on how to provide transparency and choice to users when using cookies for advertising purposes.
Network Advertising Initiative (NAI): The NAI is a US-based industry organization that provides self-regulatory guidelines for online advertising, including guidelines for the use of cookies and other tracking technologies. Their website provides guidance on how to provide transparency and choice to users when using cookies for advertising purposes.
World Wide Web Consortium (W3C): The W3C is an international community that develops web standards, including standards related to privacy and security. Their website provides guidance on best practices for privacy and security on the web, including best practices for the use of cookies and other tracking technologies.