A sample P3P file - Page 2
August 12, 2002
Let's launch straight in with a look at a sample P3P file in XML.
This one is fictional and contains dummy information, but it's
based on real examples found on the Web:
<?xml version="1.0" encoding="UTF-8" ?>
- <POLICY xmlns="http://www.w3.org/2000/12/P3Pv1" discuri=http://www.tinhat.com/privacy.html name="TinHat Privacy Policy">
- <ENTITY>
- <DATA-GROUP>
<DATA ref="#business.name">TinHat.</DATA>
<DATA ref="#business.contact-info.postal.street">23 Peachmeal Street</DATA>
<DATA ref="#business.contact-info.postal.city">East Chicatto</DATA>
<DATA ref="#business.contact-info.postal.stateprov">NY</DATA>
<DATA ref="#business.contact-info.postal.postalcode">66666</DATA>
<DATA ref="#business.contact-info.postal.organization">Webmaster </DATA>
<DATA ref="#business.contact-info.postal.country">USA</DATA>
<DATA ref="#business.contact-info.telecom.telephone.number">777-777-7777</DATA>
<DATA ref="#business.contact-info.online.email">privacy@tinhat.com</DATA>
<DATA ref="#business.contact-info.online.uri">http://www.tinhat.com</DATA>
</DATA-GROUP>
</ENTITY>
- <ACCESS>
<all/>
</ACCESS>
- <DISPUTES-GROUP>
- <DISPUTES resolution-type="service" service="http://www.tinhat.com/contact.html" short-description="TinHat Contact">
<LONG-DESCRIPTION>If you have a query about Privacy on the TinHat site, please email the webmaster at privacy@tinhat.com</LONG-DESCRIPTION>
- <REMEDIES>
<correct />
</REMEDIES>
</DISPUTES>
- <DISPUTES resolution-type="independent" service="http://www.truste.org/users/users_watchdog.html" verification="https://www.truste.org/validate/XXX" short-description="TRUSTe">
<LONG-DESCRIPTION>TinHat is not a licensee of the TRUSTe Privacy Program, but this is one of the organisations that companies may use as an independent arbiter of disputes. Another is BBBOnLine. The description of the organisation would go here.</LONG-DESCRIPTION>
- <REMEDIES>
<correct />
</REMEDIES>
</DISPUTES>
</DISPUTES-GROUP>
- <STATEMENT>
<CONSEQUENCE>TinHat makes use of the normal information logged in standard web server access logs to present the user with customized pages.</CONSEQUENCE>
- <PURPOSE>
<admin />
<current />
<customization />
<develop />
</PURPOSE>
- <RECIPIENT>
<ours />
</RECIPIENT>
- <RETENTION>
<indefinitely />
</RETENTION>
- <DATA-GROUP>
<DATA ref="#dynamic.clickstream.uri" />
<DATA ref="#dynamic.clickstream.timestamp" />
<DATA ref="#dynamic.clickstream.clientip" />
<DATA ref="#dynamic.http.useragent" />
- <DATA ref="#dynamic.cookies">
- <CATEGORIES>
<preference />
</CATEGORIES>
</DATA>
</DATA-GROUP>
</STATEMENT>
- <STATEMENT>
<CONSEQUENCE>Data we collect in order to process a transaction </CONSEQUENCE>
- <PURPOSE>
<admin />
<contact />
<current />
<develop />
<telemarketing />
</PURPOSE>
- <RECIPIENT>
<ours />
</RECIPIENT>
- <RETENTION>
<indefinitely />
</RETENTION>
- <DATA-GROUP>
<DATA ref="#business.name" optional="yes" />
<DATA ref="#business.contact-info.postal" optional="yes" />
<DATA ref="#business.contact-info.telecom" optional="yes" />
<DATA ref="#business.contact-info.online" optional="yes" />
<DATA ref="#thirdparty.name" optional="yes" />
<DATA ref="#thirdparty.jobtitle" optional="yes" />
- <DATA ref="#dynamic.miscdata" optional="yes">
- <CATEGORIES>
<physical />
<online />
<demographic />
<preference />
</CATEGORIES>
</DATA>
</DATA-GROUP>
</STATEMENT>
</POLICY>
There's a lot to look at! But it can easily be broken down into
digestible chunks.
P3P - Platform for Privacy Preferences
P3P - Platform for Privacy Preferences
A sample P3P file (Cont.) - Page 3
|
