Program Requirements

Effective: January 24, 2013

    • I. Overview. Gigya requires that any Participant that seeks to be certified in the SocialPrivacy™ Certification Program (the “Program”) complies with the following program requirements (“Program Requirements”). Gigya will determine in its sole discretion if such Participant meets the Program Requirements and upon such satisfactory certification, Gigya will provide the Participant with the SocialPrivacy™ Certification Seal as evidence of certification (“Certification”). The SocialPrivacy™ Certification Seal must be displayed on all end user registration and login windows or dialog boxes on the Participant’s website or mobile application. The SocialPrivacy™ Certification Seal may also be displayed on additional pages of a website as well where Social Login or Social Network Data is collected.


    • II. Definitions.
      • A. “Clear and Conspicuous” means reasonably easy to find, and easily understandable in terms of content and style to the average consumer or user.


      • B. “Participant User” means the end user of any Participant Properties.


      • C. “Participant User Data” means: (i) any and all information pertaining to, provided by, or collected by Participant from or about a Participant User (including, without limitation, any information, including PII, that, alone or in combination with other information, can be used to identify a particular individual), including, without limitation, any information collected from cookies or other tracking technology used; (ii) any information about Participant Users provided by a third party to Participant; and (iii) any information inferred from a Participant User’s behavior, preferences or characteristics. In each case, Participant User Data will include any and all copies and derivatives of any of the above, in any medium or format, including any data that is de-identified, anonymized and/or aggregated.


      • D. “Explicit Permission” means the affirmative consent (opt-in) to a practice by the Participant User, after being provided notice, but prior to implementing the practice.


      • E. “Material Change” means degradation in the rights or obligations regarding the collection, use, or disclosure of PII for a Participant User.


      • F. “Mobile Application” means a type of application software designed to run on a mobile device, such as a smartphone or tablet computer that is created or operated by Participant and which Participant has submitted to Gigya for Certification.


      • G. “Site” means Participant’s websites located at the URLs listed in the agreement which the Participant has entered into with Gigya to participate in the SocialPrivacy™ Certification Program. Such websites have been submitted to Gigya for Certification.


      • H. “Participant” means the entity that has entered into an agreement with Gigya to participate in the SocialPrivacy™ Certification Program and agreed to comply with these Program Requirements.


      • I. “Participant Properties” means both the Site and Mobile Applications of Participant.


      • J. “Participant Materials” means any Privacy Statement and other documentation required by and relied upon by Gigya for the Certification.


      • K. “Personally Identifiable Information [PII]“ means any information that can be used to identify, contact, or locate a discrete Participant User, such as name or email address, and any information that is combined with such information.


      • L. “Privacy Statement” means the statements of Participant’s information collection and usage practices, as such practices are updated from time to time.


      • M. “Private Messages” means those messages that are sent directly to a party other than the Participant User (“Friend”) that can only be viewed by the Participant User and the Friend, rather than be posted publicly for others to see.


      • N. “Sell” means to either (i) transfer or share to a Third Party for a monetary value or (ii) transfer or share to any Third Party that is not a Service Provider, regardless of any money exchanged between Participant and the Third Party.


      • O. “Service Provider” is anyone other than the Participant or the Participant User that performs, or assists in the performance of, a function or activity which may involve the use or disclosure of PII. Such use must only be on behalf of Participant or Participant User and only for the purpose of performing or assisting in that specific function or activity as agreed to by the Participant and Participant User.


      • P. “Social Login” means a form of authenticating with a third party site using existing login information of a Participant User from a Social Network such as Facebook, Twitter or LinkedIn.


      • Q. “Social Network” is an online service that enables individuals with a common interest to use a website, platform or other technology to communicate with each other and share information, including, creating social or business relationships or communicating with each other through such means as instant messenger, email, private messages or posting to a profile or newsfeed.


      • R. “Social Network Data” means Participant User Data collected by Participant (or Participant’s Service Providers) from a Social Network, including, without, limitation through Social Login.


      • S. “Social Network Terms” means all terms of service or other agreements, policies, rules and guidelines (“Terms”) for any Social Network, including, without limitation, those Terms applicable to any use of a Social Network’s application programming interfaces (“API”) or Social Logins by Participant.


      • T. “SocialPrivacy™ Social Networks” means the following Social Networks that Gigya is currently providing SocialPrivacy™ Certification regarding Social Login for:
        1. Facebook
        2. Twitter
        3. LinkedIn
        4. Google
        5. Yahoo
        6. Windows Live Messenger


      • U. “Third Party(ies)” is an entity(ies) other than the Participant or the Participant User which is not directly affiliated with the Participant; and, if affiliated with the Participant, where such affiliation is not reasonably known to the Participant User.
    • III. Program Requirements. All Participants wanting their Participant Properties to be Certified must comply with the following requirements:
      • A. Participant Accountability. Participant shall have processes in place to comply with these Program Requirements.


      • B. Prohibited Participant Properties. Participant Properties engaging in the following practices or offering any of the following will not be eligible for Certification:
        1. Spyware, adware, or other malicious programs or code
        2. The bypassing of copyright protection, counterfeit goods or replica designer products
        3. Hate materials (e.g. Nazi memorabilia) or materials urging acts of terrorism, human suffering or violence
        4. Harassment or stalking
        5. Defamatory, libelous or threatening material
        6. Hacking, surveillance, interception, or descrambling equipment
        7. Illegal drugs and paraphernalia
        8. Unlicensed sale of prescription drugs or medical devices
        9. Adult pornography
        10. Child pornography
        11. Prostitution
        12. Body parts and bodily fluids
        13. Stolen products
        14. Items used for theft, fireworks, explosives
        15. Hazardous materials
        16. Government IDs or police items
        17. Unlicensed trade or dealing in stocks and securities
        18. Gambling or gambling items


      • C. Annual Recertification. Participant shall undergo re-certification to verify ongoing compliance with these Program Requirements annually.


      • D. Social Network Terms. Participant shall allow Gigya to confirm its compliance with all terms and conditions of the Social Network Terms of the SocialPrivacy™ Social Networks.


      • E. Social Network Data. Participant shall adhere to the following four principles regarding the Social Network Data collected from SocialPrivacy™ Social Networks on its Participant Properties (“SocialPrivacy™ Principles”), and Participant shall publicly represent its commitment to these SocialPrivacy™ Principles by prominently displaying them on all Participant Properties:
        1. Data Protection. Participant will not Sell Social Network Data, nor the Social Network Data of its Participant Users’ Friends, to Third Parties*.


        1. Social Publishing. Participant will not publicly post to a Participant User’s Social Network account without the Participant User’s Explicit Permission*. Gigya shall, at its sole discretion, determine what constitutes Explicit Permission.


        1. Friend Protection. Participant will not send Private Messages on behalf of a Participant User without the Participant User’s Explicit Permission*. Gigya shall, at its sole discretion, determine what constitutes Explicit Permission.


        1. Email Opt-in. Participant will not use PII obtained via Social Login to send newsletters, promotional emails or any other advertising unless Participant Users have opted-in to such notifications. Participant will stop sending such newsletters or emails if a Participant User unsubscribes*.

*Please see here for more detail on the Social Network Terms of the SocialPrivacy™ Social Networks regarding these four SocialPrivacy™ Principles.

      • F. Participant User Explicit Permission.
        1. The following use of Social Network Data obtained from SocialPrivacy™ Social Networks, requires the Participant to gather Explicit Permission and not rely solely on the Social Networks’ own authorization screens:
          • i. Post to a Participant User’s Social Network feed on behalf of the Participant User


          • ii. Send Private Messages to a Participant User’s Friends on behalf of the Participant User


          • iii. Send the Participant User emails for marketing or promotional purposes


        1. In obtaining any Social Network Data from SocialPrivacy™ Social Networks that includes any non-public PII for Participant Users ages 13-17, Participant must obtain Explicit Permission.


        1. Gigya shall, at its sole discretion, determine what constitutes Explicit Permission.


      • G. Privacy Statement. Participant is required to have an accurate and up-to-date, Clear and Conspicuous Privacy Statement that accurately describes how Participant User Data is collected, used, displayed, and shared or transferred. Participant shall treat all Participant User Data and Social Network Data in accordance with the posted Privacy Statement in effect at the time of collection unless the Participant User otherwise has given Explicit Permission or unless such use is a result of a non-Material Change to the Privacy Statement.


      • H. Participant Cooperation and Audit Rights. Participant shall cooperate with Gigya, at no charge to Gigya, by (i) providing access to Participant’s Properties for the purpose of conducting reviews to ensure that Participant is complying with these Program Requirements and (ii) providing information regarding how Participant is using and collecting Participant User Data and Social Network Data. Gigya reserves the right to audit the Participant’s adherence to the Program Requirements at any time. Gigya’s auditing of Participant Properties may include, but not be limited to:
        1. Registering via Social Login on the Participant’s Properties


        1. Opting into and out of marketing or promotional materials sent by Participant


        1. “Secret” shopping on Third Party data broker or advertising networks for Social Network Data.


      • I. Dispute Resolution Process.
        1. Participant Users who suspect any misuse of Social Network Data as set forth in these Program Requirements will be instructed to:
          • i. Confirm that the website or mobile application in question is a Participant Property and that Participant is a member of the SocialPrivacy™ Certification Program.


          • ii. Verify that the complaint is a privacy matter relating to one of the SocialPrivacy™ Principles


          • iii. Contact the Participant first


        1. Participant shall provide Participant Users with reasonable, appropriate, simple, and effective means to submit complaints, express concerns, or provide feedback regarding Participant’s privacy practices


        1. Participant shall cooperate with Gigya’s efforts to investigate and resolve non-frivolous privacy complaints, questions, and concerns raised either by:
          • i. Participant Users through Gigya’s dispute resolution process; or


          • ii. Gigya



      • J. Display Requirements for SocialPrivacy™ Certification Seal.
        1. Participant may not modify the SocialPrivacy™ Certification Seal in any way.


        1. Participant must ensure the SocialPrivacy™ Certification Seal is displayed in its entirety and that the tooltip, when triggered, is shown in its entirety as well.


      1. The SocialPrivacy™ Certification Seal must be displayed on all Participant User registration and login windows or dialog boxes on the Participant Properties. The SocialPrivacy™ Certification Seal may also be displayed on additional pages of a Site as well where Social Login or Social Network Data is collected. Unless agreed upon in writing prior to such use, Participant shall not place the SocialPrivacy™ Certification Seal anywhere outside of what is allowed under these Program Requirements.

Request Gigya Demo
Request Gigya Demo