Geek 2 Geek – Privacy Policy

This review is color-coded, and the colors may not show in an external reader.  Please visit the post on the site to get all the color detail.

In general, the Geek2Geek Privacy Policy is fair – it specifically states what you can expect of Geek2Geek regarding how they treat your data.  You will notice I don’t have a lot of markups here – no where near as many as I have had for other sites.

I would prefer that Geek2Geek placed the link to the Privacy Policy on the home page, just as it does the Terms of Use link (they have confined via email that they are considering doing this).  Why?  Because Terms of Use are rules YOU have to follow on a web site, and the Privacy Policy is what the web site is promising to do to safeguard your private data.  I think they are equally important documents.

I have minor issues with a lack of clarification on some things (like does deleting your profile *really* delete everything the site knows about you?  And what, specifically is the site doing  when it comes to “physical, electronic, and procedural safeguards that comply with federal regulations”.  I do think some more detail is warranted here – too many sites are using this sentence as boiler-plate.  I want to know what it really means.

Again, the Privacy Policy is not generally considered a legal contract between you and the web site, or the web site and you.  That’s why I think it’s so important.  It is basically the “word of the web site”.  You have to trust them to follow it.  I’ve been informed that some jurisdictions DO consider a Privacy Policy a legal document.  I wish all sites would treat it as one.  It should be at least as binding as the Terms of Use policy is.

I also wish sites would start including some mention of data backups in the Privacy Policy.  I don’t expect any site to guarantee my data can be restored if there is a catastrophic hardware failure – but I would appreciate knowing that they at least have a back up policy in place.  Users spend a lot of time populating data on Social Networking sites, and we would feel more comfortable knowing that data won’t just go away if a hard drive dies. 

I’m going to review the Terms of Use policy as well (in the next few days, I hope).  I’ll link this post to it, and it to this post once I complete it.

 

 

Review Guide:

Red Text – Text I highlighted that I talk about below the colored paragraph.

Green text – My comments 

Bold underlined blue text – suggested changes – usually typographical stuff.

Bold underlined green text: generally inline comments, or anything else that doesn’t fit the other colors above 🙂

 

 

Geek 2 Geek takes your privacy seriously. Please read the following to learn more about our privacy policy.
NOTICE: Click here for important information about safe surfing from the Federal Trade Commission.

We at Geek 2 Geek (“we” or “Geek 2 Geek”) have created this privacy policy to demonstrate our firm commitment to protecting your personal information and informing you about how we handle it. This privacy policy only applies to transactions and activities in which you engage, and data gathered, on the Geek 2 Geek Website and double blind email communications between Geek 2 Geek members (collectively, the “Site”) but does not apply to any other Website or offline point of contact between Geek 2 Geek, or any other company, and consumers. Please review this privacy policy periodically as we may modify it from time to time. Each time you visit the Site or provide us with information, by doing so you are accepting the practices described in this privacy policy at that time.

As always, I don’t like Privacy Policies that sound like Terms of Use – by having the user “accepting the practices” this sounds more like a Rules Document instead of what Geek2Geek is promising to do to protect my data, and my privacy.

 

All member portraits and profiles are screened by real people for appropriateness before being posted to the site. That includes making sure that the portrait and profile do not include any specific identifying information. In addition, all communication between members is done through Geek 2 Geek’s double-blind email system, with members using an anonymous display name and not their real email address. This ensures that no personal contact information is revealed until a member is ready to do so.

What This Privacy Policy Covers

· This policy covers how Geek 2 Geek treats personal information that Geek 2 Geek collects and receives, including information related to your past use of Geek 2 Geek products and services. Personal information is information about you that is personally identifiable like your name, address, email address, or phone number, and that is not otherwise publicly available.

· This policy does not apply to the practices of companies that Geek 2 Geek does not own or control, or to people that Geek 2 Geek does not employ or manage.

Information Collection and Use

General

· Geek 2 Geek collects personal information when you register with Geek 2 Geek, when you use Geek 2 Geek products or services, when you visit Geek 2 Geek pages or the pages of certain Geek 2 Geek partners, when you participate in any polls, and when you enter any promotions or sweepstakes. Geek 2 Geek may combine information about you that we have with information we obtain from business partners or other companies.

· When you register we ask for information such as your name, email address, birth date, gender, ZIP code, occupation, industry, and personal interests. When you register with Geek 2 Geek and sign in to our services, you are not totally anonymous to us.

· Geek 2 Geek automatically receives and records information on our server logs from your browser, including your IP address, Geek 2 Geek cookie information, and the page you request.

· Geek 2 Geek uses information for the following general purposes: to customize the advertising and content you see, fulfill your requests for products and services, improve our services, contact you, conduct research, and provide anonymous reporting for internal and external clients.

Children

· Children under 18 are not allowed to register with Geek 2 Geek. Any profile suspected to have been created by a person under 18 is deleted.

Information Sharing and Disclosure

· Geek 2 Geek does not rent, sell, or share personal information about you with other people or nonaffiliated companies except to provide products or services you’ve requested, when we have your permission, or under the following circumstances:

o We provide the information to trusted partners who work on behalf of or with Geek 2 Geek under confidentiality agreements. These companies may use your personal information to help Geek 2 Geek communicate with you about offers from Geek 2 Geek and our marketing partners. However, these companies do not have any independent right to use or share this information.

o We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.

o We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Geek 2 Geek’s Terms of Use (provide link), or as otherwise required by law.

o We transfer information about you if Geek 2 Geek is acquired by or merged with another company. In this event, Geek 2 Geek will notify you before information about you is transferred and becomes subject to a different privacy policy.

· Geek 2 Geek may display targeted advertisements based on personal information. Advertisers (including ad serving companies) may assume that people who interact with, view, or click targeted ads meet the targeting criteria—for example, women ages 18-24 from a particular geographic area.

o Geek 2 Geek does not provide any personal information to the advertiser when you interact with or view a targeted ad. However, by interacting with or viewing an ad you are consenting to the possibility that the advertiser will make the assumption that you meet the targeting criteria used to display the ad.

o Geek 2 Geek advertisers may include financial service providers (such as banks, insurance agents, stock brokers and mortgage lenders) and non-financial companies (such as stores, airlines, and software companies). (I really don’t know why this bullet-point is even here – it doesn’t hurt anything, but it doesn’t really add any value either)

Cookies

· Geek 2 Geek sets and accesses Geek 2 Geek cookies on your computer. Like most Websites, Geek 2 Geek uses cookies to keep track of your purchases and other activity on the site and to enhance your experience. We also use cookies to deliver content specific to your interests, to save your password, and to save other personal information so you do not have to reenter it each time you visit the site. Third party advertisers on the site may also place or read cookies on your browser. If you wish to disable these cookies, the “help” portion of the toolbar on most browsers will tell you how. However, if you set your browser to disable cookies, you may not be able to access certain areas on the site.

Your Ability to Edit and Delete Your Account Information and Preferences

General

· You can edit your Geek 2 Geek Account Information, including your marketing preferences, at any time.

· You can delete your Geek 2 Geek account by visiting our Account page. Children

I don’t understand the dangling word “children” here and suspect it’s just a typo.  Beyond that – do you *really*  delete all of my data when I delete my account (I mean ALL of my data, as in, you’ve never heard of me?)

 

Confidentiality and Security


· We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs.

· We have physical, electronic, and procedural safeguards that comply with federal regulations to protect personal information about you. (some detail would be useful here)

Changes to this Privacy Policy

· Geek 2 Geek may update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Geek 2 Geek account or by placing a prominent notice on our site. (I applaud that you will notify the user of significant changes – but how are they defined?  I want to be notified (and have to re-agree) to ANY changes)

Questions and Suggestions

· If you have questions or suggestions, please contact us.

Effective Date: January 1, 2007

Source: Geek 2 Geek – Privacy Policy

Comments

  1. Spenser – thanks for the in-depth response. I’ll just re-comment on the couple issue I still have questions about:

    On the basic issue of “Rules vs Privacy Policy” – I erred here in stating that users should be notified of ANY changes to the Privacy Policy. I was already working on a review of the Terms of Use, and got my comments crossed over. Basically, my opinion here is simple:

    The Privacy Policy is an INFORMATIONAL document that you provide to user’s so they can understand HOW you protect their privacy, and WHAT information you share and collect. User’s should NOT have to “accept” a privacy policy in order to use your site. They shouldn’t even have to agree with it. Anything you have in your Privacy Policy that a user MUST accept in order to use the site should be replicated in your Terms of Use document – one users SHOULD be forced to accept in order to use the site.

    I also agree users should have the option to opt-in to get notified any time this document changes.

    As far as the detail on “Physical safeguards, etc” – ok, you convinced me on that one. Too hard to monitor and maintain.

    One last comment – I think it’s very good that you actually delete my data when I ask you to – I think you should make that more clear – it’ a very positive thing and you should be proud of it.

    Rob

  2. Hi, Rob,

    Thanks for doing all that work. As you might expect, we agree on some things and disagree on others. Mostly we agree, and changes have already been made or will be made shortly. I’ve tried to recap all the issues below. Unfortunately, the color coding you use apparently doesn’t work in the comments, but I think it’ll be easy enough to decipher. Here goes:

    Privacy Policy:

    Each time you visit the Site or provide us with information, by doing so you are accepting the practices described in this privacy policy at that time.

    Rob:

    As always, I don’t like Privacy Policies that sound like Terms of Use – by having the user “accepting the practices” this sounds more like a Rules Document instead of what Geek2Geek is promising to do to protect my data, and my privacy.

    Spencer:

    Not such a big issue, but I disagree. There are references to the fact that we may give advertisers or an acquirer information. They are accepting that that may happen.

    Rob:

    Inappropriate links to another site.

    Spencer:

    These were corrected (removed). Lesson: Don’t use Microsoft Word as a text editor.

    Privacy Policy:

    However, these companies do not have any independent right to use or share this information.

    Spencer:

    Change made.

    Privacy Policy:

    o We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Geek 2 Geek’s Terms of Use (provide link), or as otherwise required by law.

    Spencer:

    Change made.

    Privacy Policy:

    o Geek 2 Geek advertisers may include financial service providers (such as banks, insurance agents, stock brokers and mortgage lenders) and non-financial companies (such as stores, airlines, and software companies).

    Rob:

    (I really don’t know why this bullet-point is even here – it doesn’t hurt anything, but it doesn’t really add any value either)

    Spencer:

    It’s there because I saw it on other sites and assume there’s something about these providers that causes concern. Like you said, it doesn’t hurt anything, so better to leave it in.

    Privacy Policy:

    • Geek 2 Geek sets and accesses Geek 2 Geek cookies on your computer. Like most Websites, Geek 2 Geek uses cookies to keep track of your purchases and other activity on the site and to enhance your experience. We also use cookies to deliver content specific to your interests, to save your password, and to save other personal information so you do not have to reenter it each time you visit the site.

    Spencer:

    Changes made and inappropriate links deleted.

    Privacy Policy:

    General
    • You can edit your Geek 2 Geek Account Information, including your marketing preferences, at any time.
    • You can delete your Geek 2 Geek account by visiting our Account page.

    Spencer:

    Changes made and inappropriate links deleted.

    Privacy Policy:

    Children

    Rob:

    I don’t understand the dangling word “children” here and suspect it’s just a typo.

    Spencer:

    It is, and was deleted.

    Rob:

    Beyond that – do you *really* delete all of my data when I delete my account (I mean ALL of my data, as in, you’ve never heard of me?)

    Spencer:

    As far as Geek 2 Geek is concerned, we really delete all of your data. It’s out of the database, completely. I’m not smart enough to know what happens on the server when a record is deleted, but Geek 2 Geek can not use your information.

    Privacy Policy:

    • We have physical, electronic, and procedural safeguards that comply with federal regulations to protect personal information about you.

    Rob:

    (some detail would be useful here)

    Spencer:

    It’s very difficult to keep such detail up-to-date. I rely on the hosting company (www.americaneagle.com) to assure compliance, since they host thousands of sites and maintain the requirements.

    Privacy Policy:

    • Geek 2 Geek may update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Geek 2 Geek account or by placing a prominent notice on our site.

    Rob:

    (I applaud that you will notify the user of significant changes – but how are they defined? I want to be notified (and have to re-agree) to ANY changes)

    Spencer:

    I disagree. How do you possibly define “significant?” If I change by putting in a link, would it really be necessary to notify you AND require you to re-agree? How would you re-agree? If it was passive, perhaps, ok, but to require a response from all members, not even close to being practical. Of course, if a change is made that reduces your privacy protection, you should be notified, but if the change increases your protection, what harm is done?

    Let me be clear regarding Geek 2 Geek. The only “advertising” that’s done on my site is to have links to sites that I may draw a commission from if the member clicks on them and buys something from them. Those sellers have their own privacy policies that the member would have to look at if they’re going to buy. If, sometime, I was going to provide information beyond what’s specified in the current Privacy Policy, I certainly would consider it necessary to notify all members and, at least, give them the opportunity to delete their profile. There’s much in Geek 2 Geek’s Privacy Policy that was “borrowed” from other sites. I don’t have the resources to create my own. So, it includes much that will almost certainly never be an issue, but I left in just so that I could refer to it if I ever did change any method of operating.