TRUSTe Children's Privacy / COPPA
Assessments & Certifications

Demonstrate your commitment to kids' privacy with a COPPA certification.

If your website or app is fully or partially targeted towards children under the age of 13, or your website or app knowingly collects personal information from children under the age of 13, you need to comply with the Federal Trade Commission (FTC)-enforced Children's Online Privacy Protection Act (COPPA).

TRUSTe Children’s Privacy Assessment and Certification

The TRUSTe Children’s Privacy Certification program allows businesses to demonstrate the child-friendly nature of their website or app while supporting compliance with COPPA. The program certifies COPPA compliance and meets the requirements of the TRUSTe Children’s Privacy Certification Standards, which include ongoing monitoring and privacy dispute resolution.

Powerful Technology + Proven Methodology + Deep Expertise

The TrustArc Platform powers all solutions, combining:
9+ years of high scale operating experience
1,000s of successful customer engagements
20+ years of privacy industry experience

TRUSTe Certifications are conducted in three phases:

Assessment Phase

TRUSTe has provided COPPA Safe Harbor certifications since 2001 and has extensive experience working on children’s privacy programs with clients of all sizes across a variety of industries. A member of our Global Privacy Solutions team will guide you through the process, utilizing our proven methodology and powerful technology.


Privacy Review

The first step is to define the assessment scope by business units, product/service lines, and digital properties (websites, apps, cloud platforms). A member of our Global Privacy Solutions team works with your team to efficiently guide discovery of necessary information, including relevant data flows and evaluation of your privacy policies and practices against relevant standards.

Findings Report

A findings report is delivered which includes a gap analysis, risk summary and remediation recommendations. The report outlines actionable steps required to achieve compliance.

Tracker Scanning

The assessment is augmented with information gleaned by using TrustArc scanning technology on the applicable digital properties, providing insight into what first and third party trackers may be collecting information through those digital properties.

Remediation and Certification Phase

Based on the information gleaned from the assessment, a member of our Global Privacy Solutions team guides you through the remediation process, helping to ensure required changes are completed.


Remediation / Validation

A member of our Global Privacy Solutions team assists with any necessary remediation steps, including providing relevant templates and process change advice. We then validate that your privacy statements accurately reflect your updated privacy practices and are consistent with applicable standards.

Letter of Attestation

As proof of TRUSTe Certification, an official Letter of Attestation can be shared with your business partners, providing your organization with competitive differentiation.

TRUSTe Children's Privacy Certification Seal

After completing the required changes, we authorize your use of the TRUSTe Kids Privacy seal for display on applicable digital properties. The seal is hosted and linked to a TRUSTe Validation Page to provide real-time verification along with an easy-to-understand consumer notice that you meet TRUSTe’s Children’s Privacy Program Requirements.

TRUSTe COPPA Privacy seal

Ongoing Monitoring and Guidance Phase


Searchable Audit Trail

All assessment work and supporting documentation is available in a searchable, central repository - providing a way to respond to inquiries and demonstrate compliance for internal / external audits.

Ongoing Guidance

Access to privacy experts for ongoing policy guidance along with educational webinars, events, whitepapers, client advisories, privacy tips and research.

Dispute Resolution

Access to a third-party dispute resolution service, which helps efficiently manage privacy inquiries from customers and addresses dispute handling compliance requirements.

TRUSTe Privacy Feedback Button

External demonstration to consumers, business partners and regulators that your company uses TrustArc technology and tools to manage privacy related questions or concerns. The Feedback Button may be placed on your digital Privacy Policy page and links to a mechanism for consumers to submit questions or feedback.

Privacy Feedback

Click here to review the Children's Privacy Program Requirements.

To see all TRUSTe Certifications and Assurance Services, visit Demonstrate Compliance.

COPPA Certification Guide: Frequently Asked Questions

Below are answers to some of the most popular questions that we receive relating to the Children’s Online Privacy Protection Act (COPPA).

What is the Children’s Online Privacy Protection Act (COPPA)?

The Children’s Online Privacy Protection Act (COPPA) is a federal law that was passed by the U.S. Congress in October 1998 and took effect in April 2000. COPPA was created to protect the privacy of children under 13 and is managed by the Federal Trade Commission (FTC). COPPA includes compliance requirements for businesses operated for commercial purposes that have websites, apps or online services directed to children under 13 years of age or those that have knowledge that they are collecting personal information online from kids within this age range.1 Personal information is broadly defined by COPPA and includes, for example, anything as simple as a first and last name to an actual file containing a child’s image or voice.

[1] FTC website. https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.

How do I know if the Children’s Online Privacy Protection Act (COPPA) applies to my business?

If your website or app is fully or partially targeted towards children under the age of 13 in the U.S. or your website or app knowingly collects personal information from children under the age of 13, you need to comply with COPPA. COPPA’s requirements also apply to non-U.S. operated websites if they are directed to kids under 13 (or collect information from these children) in the U.S. Your website, app, or Internet service will be considered directed towards children if the content, language, advertising, intended audience and/or the use graphics or features are child-oriented.2

[2] Children’s Online Privacy Protection Act (COPPA). Inc.com. https://www.inc.com/encyclopedia/childrens-online-privacy-protection-act-coppa.html.

What do I need to do to comply with the Children’s Online Privacy Protection Act (COPPA)?

COPPA defines what website owners must do to comply - for example, posting guidelines and defining content that must be included in a privacy policy; guidelines about when and how to seek verifiable consent from a parent or guardian; responsibilities to protect kids’ privacy and safety online (including restrictions on marketing to an underage audience); and requirements to keep information collected from kids confidential and secure. The FTC outlines a six-step compliance plan with specific information for businesses to determine if they are covered by COPPA and what to do to comply.3

[3] Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business. FTC web site. https://www.ftc.gov/tips-advice/business-center/guidance/childrens-online-privacy-protection-rule-six-step-compliance

What are the penalties for non-compliance with the Children’s Online Privacy Protection Act COPPA?

Non-compliance with COPPA can lead to fines in addition to brand and reputation damage. The FTC has brought numerous actions against website operators for failure to comply with COPPA and fines have ranged from hundreds of thousands to close to a million dollars.

Why do I need a COPPA privacy certification?

A COPPA certification allows businesses to demonstrate the child-friendly nature of their website or app and their commitment to kids’ privacy while supporting efforts to comply with COPPA. The certification shows the government, children and parents, customers, etc. that you are serious about compliance with COPPA and that children’s safety is a top concern.

Why should I work with TrustArc to obtain a COPPA privacy certification?

TRUSTe, a subsidiary of TrustArc, has provided COPPA Safe Harbor certifications since 2001 and has extensive experience working on children’s privacy programs with clients of all sizes across a variety of industries. In addition, we help make the COPPA certification process simple for you. A member of our Global Privacy Solutions team will guide you through the process, utilizing our proven methodology and powerful technology.

What is a COPPA certification seal?

A COPPA certification seal may be displayed on your web site and other digital properties to help demonstrate your commitment to kids’ privacy. As part of its COPPA certification process, TRUSTe offers a Children's Privacy Certification Seal. After completing the assessment and remediation phases of the certification process, and implementing the required identified changes, we authorize your use of the TRUSTe Kid’s Privacy seal for display on applicable digital properties. The seal is hosted and linked to a TRUSTe Validation Page to provide real-time verification along with an easy-to-understand consumer notice that you meet TRUSTe’s Children’s Privacy Program Requirements.

Assess how your websites and apps meet COPPA / kids’ privacy regulations.


Resources


Loading