FOR BUSINESSES
FOR CONSUMERS
FOR BUSINESSES
What is ESRB Privacy Certified?
Since 1999, ESRB Privacy Certified (formerly ESRB Privacy Online) has provided online privacy solutions for a variety of interactive entertainment clients to address the growing complexity of privacy protection laws in the United States, Canada, the European Union, the Asia-Pacific region and South America. Our focus on online and mobile privacy is consistent with ESRB's mission to help interactive software companies conduct business responsibly while assuring consumers, especially parents, that their and their children's personal information is collected and managed appropriately through the display of certification seals. Ultimately, we aim to help our members balance mitigation of risks and the achievement of their business objectives by providing guidance in developing the most effective privacy practices consistent with applicable law.
What is Personal Information?
First and last name
A home or other physical address including street name and name of a city or town
Online contact information
A screen or user name that functions as online contact information
A telephone number
A social security number
A persistent identifier that can be used to recognize a user over time and across different Web sites or online services
A photograph, video, or audio file, where such file contains a child's image or voice
Geolocation information sufficient to identify street name and name of a city or town
Information concerning the child or the parents of that child that the operator collects online from the child and combines with an identifier described above
What are the benefits of certification by ESRB Privacy Certified?
Members of the ESRB Privacy Certified program enjoy an in-depth level of monitoring and customer service. Our team consists of privacy attorneys and trained personnel with extensive experience in online privacy (including COPPA), EU, and mobile compliance.
Privacy Certified features include:
An upfront Privacy Compliance Audit assessing compliance with COPPA, GDPR, CAN-SPAM, PIPEDA (Canada), and data breach/data security/data retention laws
COPPA Safe Harbor status, which shields program members from potential sanctions or fines from the Federal Trade Commission (FTC) and/or state attorneys general
Assistance with EU-U.S. Privacy Shield Framework self-certification process
Drafting of mobile short form and long form privacy policies and upfront disclosures
Customized, biannual compliance reports that include strategies to ensure adherence to pertinent laws and provisions
Timely reviews of upcoming websites, online services, apps, contests, sweepstakes, promotions, e-mail and mobile campaigns, social networking, and a variety of other services and tools
Privacy policy drafting and editing (including reconciliation with EULA, TOS, etc.)
Dispute resolution services
A Consumer Online Hotline to address the privacy concerns of your users
Age/identity authentication services in partnership with Veratad Technologies
Translation service referrals
Legal referrals outside of the U.S.
What is a Privacy Compliance Audit?
The Privacy Compliance Audit is an overview of your business and your website, online service, or mobile app's vulnerabilities under U.S. (COPPA and CAN-SPAM), Canadian (PIPEDA) and EU (GDPR) laws. It is conducted by trained privacy personnel and includes a review of your existing privacy policy. Since our expertise is focused on interactive and/or child-oriented sites and services, the Privacy Compliance Audit may not be available for companies of all types.
Is there a fee for the Privacy Compliance Audit?
The Privacy Compliance Audit is provided as part of ESRB Privacy Certified membership.
How does a company become a member of the ESRB Privacy Certified program?
Feel free to complete our Privacy Risk Assessment, which will help inform a discussion about your privacy practices and how we might be able to help. Assuming we move forward, your enrollment in the ESRB Privacy Certified program will include our Privacy Compliance Audit, which will identify any issues with your data collection practices that should be addressed in order to comply with applicable laws. Once you join our program we will work with you to implement the necessary changes, after which your sites and/or apps will be certified and can display the applicable ESRB Privacy Certified seals.
Does the Privacy Certified program only accept members in the video game industry?
While our expertise is focused on interactive and/or child-oriented sites and services, we have a diverse group of member companies that operate both in and outside of the video game industry. Our advice and solutions are not "one size fits all"; each company receives customized solutions and guidance according to their business goals and privacy practices. For more information about the privacy solutions that we can offer your company, please begin
by completing the free Privacy Risk Assessment.
Can I get my mobile apps certified as well?
Absolutely. We have a Mobile Privacy Certification program that is entirely focused on mobile app privacy and the ESRB Privacy Certified team is well-versed in the specific privacy challenges faced by mobile app developers.
What are the fees for the program?
Membership fees for the ESRB Privacy Certified program are on a sliding scale based on your company's annual revenue (starting at $0). Fees are paid on an annual basis; however, accommodations can be made for bi-annual or quarterly payments. Please contact us at
privacy@esrb.org for more information.
FOR CONSUMERS
What does it mean when a website or app has a Privacy Certified seal on it?
ESRB Privacy Certified seals signify that a website or mobile app is compliant with applicable laws and best practices related to the collection and use of personal information. Seeing one of our seals lets you know that a website or app is a trustworthy environment in which to share your personal information. You are also able to contact ESRB Privacy Certified if you have any questions or concerns related to the privacy policies or practices of any website or app that displays our seals, so you can be assured your information is being responsibly handled.
What do the different ESRB Privacy Certified Seals mean?
The ESRB Privacy Certified program uses three seals:
The "ESRB Privacy Certified" seal signifies that a general audience website complies with global privacy laws and best practices.
The "ESRB Privacy Certified for Kids" seal signifies that a child-directed website or app complies with applicable laws and requirements such as COPPA.
The "ESRB Privacy Certified for Mobile" seal signifies that a mobile app complies with mobile privacy standards and best practices.
What is COPPA?
COPPA, or the Children's Online Privacy Protection Act (full text), is a United States federal law that is enforced by the Federal Trade Commission (FTC). Its primary objective is to ensure responsible data collection, use, and sharing practices of the personal information of children under 13, and requires that businesses obtain verifiable parental consent before collecting or using various types of information obtained from children under 13.
Does the Kids Seal mean that the content of an online game or mobile app is appropriate for my child?
The ESRB Privacy Certified for Kids seal pertains to compliance with laws and requirements related to the appropriate collection and use of personal information from children. For content ratings of games or apps, please refer to the ESRB's rating of the online game or app. We also strongly encourage parents to read the privacy policies and Terms of Use of websites, games, or apps that their children visit or use.
Who can I contact with privacy-related questions about ESRB Privacy Certified members?
If you have a privacy-related question or concern about any of the websites or apps that bear an ESRB Privacy Certified seal,
please contact us here.
Where can I find more information about privacy laws?
The following resources offer more detailed information about privacy matters:
