Frequently Asked Questions
We've been asked a lot of questions about the way we're redesigning the experience of data protection for both business and consumer. Here are a few of the most common questions we get asked about the Pulse Privacy.
What are some of the best monitoring solutions for parents
Techjury has come out with a 2021 top 10 list of parental control solutions for those who are concerned about child cyberbullying, or want to protect their children from internet scams, or pornography
Check it out.
How do I know if a site is safe for my child?
There are organizations that are committed to ensuring that sites creating games or resources targeted to children comply with existing regulation:
Privo offers certification and compliance programs for business as they relate to Children’s Online Privacy Protection Act (COPPA), the EU General Data Protection Regulation (GDPR) as it relates to children and US Student Digital Privacy regulations. Check out the sites and applications that have been certified by Privo.
How do I keep my child safe online?
There are many threats to children's online safety including data privacy, cyberbullying, and harassment. Learn more about some of the ways to talk to your children about the risks, set some rules and take proactive steps to them online from Consumer Notice
Why do companies give government access?
It's important to assist law enforcement when possible in order to uphold law and order within society. Some companies may encrypt information, which means they cannot share all information but they may still participate in legal obligations up until the point they're incapable of sharing information.
Continue reading to understand our use of end-to-end encryption and other security measures that may impact our ability to share data with law enforcement—or not, pending valid legal request.
What is 2-Factor Authentication and should I use it?
2-Factor Authentication (sometimes called 2FA) is a process that verifies a person is who they say they are by using two pieces of evidence, which might include personal information or other data, unique to them in some way.
These days, usernames and passwords can easily be compromised, so many online services including banks, social media, shopping services add additional layers of verification or a "second factor" to confirm a person's identity—like a PIN number on a cell phone, fingerprinting or facial recognition.
When more than two factors are used, it's called multi-factor authentication. And, YES, you should use it!
Watch this video to learn more:
Should I use a password manager?
There was a time when remembering a username and password for a few accounts was not an issue. These days an average person may have a few hundred accounts from online stores, social media accounts, work accounts, messaging apps, etc. Using the same password for all your accounts is easy and convenient but also dangerous, and could leave someone open to identity theft or online fraud.
A password manager helps you avoid this by allowing you to store more complex passwords (like G3ldk@#soek!!) that are unique to every account. What's more, it keeps these passwords hidden in a vault that only you can access. No more having to remember all the different passwords for all your accounts any longer. In addition, you keep your accounts secure.
To learn more, watch this video.
What is a password manager and what are the benefits?
A password manager is an application that you can add to your favourite browser or download onto your phone that stores all the usernames and passwords of all your online accounts. A password manager allows the creation of more complex and lengthier passwords unque to each of your accounts without you requiring you to remember them all. What's more you only need to learn one password to access the application, and from there, let your password manager give you easy access to all your accounts.
Find out more and watch this video:
What benefits do companies get from my data?
Companies view data as an asset. Your data gives companies information they need to develop products, customize your website experience, and sell you products they know you will buy. The more they know about you, the better they will be able to predict what you will buy. Your information will help a company make money. Over time, there are those who have begun to question how much data 'should' companies have about each one of us. More importantly, what data are companies using and why?
Watch this video from our co-Founder, Joe Toscano's Ted Talk: Want to Work for Google? You Already Do.
How do companies track me across platforms?
The term tracking has traditionally been used by advertising companies. Digital advertising gave rise to ad-tracking—a way for advertisers to know what sites their customers were coming from before they made their online purchases.
These days, ad trackers allow advertisers to better target their customers—no matter where they are on the Internet, or what app they are using. Advertisers generally have one goal in mind: to bring you to their website to buy something (usually.)
The more questionable cookies are third-party cookies, used by advertisers to track your cross-site behavior. Every time you click on a link, an ad or traverse particular websites, your activity gets stored along with your identity and data about your behavior.
Learn more about the different ways websites are tracking individuals on the web.
Can companies track my keystrokes as I type?
Companies can use keyloggers to capture and record the keystrokes used by individuals. Companies use this information to improve their employee experience, but they can also use it to monitor behavior. Keyloggers can also be used by malicious third parties. Any information you type into a website form or an application can be stolen by malicious actors and sent back to a third party, who can sell your information for profit. This may include personal or financial information.
Find out more about kestroke capture technology.
Can companies track my eyes as I use the screen?
Eye tracking technology was found on the premise that, "humans connect via eye-contact and by passing this attribute to computers, they will be closer to functioning like humans."
"Eye tracking is a technological process that enables the measurement of eye movements, eye positions, and points of gaze. In other words, eye tracking identifies and monitors a person’s visual attention in terms of location, objects, and duration."
Learn more about how the study of the physiology and anatomy of the eye brings insight to human brain activity.
Do companies really record my browsing experience?
In many cases, companies record your browsing experience to make your experience better and more convenient. Your browsing experience is recorded to understand your preferences and typical browsing habits. This gives advertisers an idea of what type of ads you will respond to. Sites like Youtube or Netflix use what movies you watch or click-on to recommend similar types of movies or content. Google records your searches to understand your interests and needs.
Learn more about how companies record your web browsing experience.
Can trackers evade the blockers I have set up?
Ad blockers like Ghostery or Adblock were great browser extensions to stop online tracking. However, more recently, something called “bounce tracking” or “redirect tracking” hides trackers inside the links you click on, making them harder to block without breaking websites. Bounce tracking has now become a widespread issue.
Find out more about bounce tracking.
Does disabling Third-Party Cookies and Ad Trackers really do anything?
How do I disable Third-Party Cookies and Ad Trackers?
What is a Third-Party Cookie?
Third party cookies are pieces of code that are stored on a given website, that are set there by another domain or website. Here's how they differ from first party cookies:
"First-party cookies are stored under the same domain you are currently visiting. So, if you are on example.com, all cookies stored under this domain are considered first-party cookies. Those cookies are usually used to identify a user between pages, remember selected preferences, or store your shopping cart. You can hardly find a website nowadays that does not use first-party cookies."
Third-party cookies as are cookies that are stored under a different domain than you are currently visiting so, for example, A Facebook Pixel or DoubleClick Cookie is considered third-party cookies. They are mostly used to track users between websites and display more relevant ads between websites
Find out more about third-party cookies
What is an Ad Tracker?
Ad Trackers that are commonly used by advertisers to understand where users on web pages are going to help them understand their behavior typically with the goal to increase their purchase activity. Some common ad trackers include
Cookies enable the collection of this information including your preferences on a site, how you're using it etc. Cookies are Cookies are blocks of data that are created by a web server while a user is browsing a website and put on the user’s device or computer by the web server. Each cookie has a name value, and a value that is to be stored on the user’s device. Cookies are blocks of data that are created by a web server while a user is browsing a website and put on the user’s device or computer by the web server. Each cookie has a name value, and a value that is to be stored on the user’s device.
Here are a few articles about cookies and web trackers:
What is Google Analytics?
Google Analytics has enabled the growth of the digital marketing industry. Through its web analytics platform, Google Analytics track and analyze actions on a website, such as the number of visitors, number of page views. Through its association with ad serving platforms, marketers will understand and make decisions based on the performance of their digital marketing campaigns. The core technologies for Google Analytics are cookies and tracking codes to measure this performance.
Overtime, Google has been a pervasive technology and is being used by over 28 million websites worldwide.
The information that Google Analytics collects is critically important to advertisers. Because of this, Google has come under fire for the amount of data it's collecting without the individual end user permission. This is concerning from an individual privacy perspective.
Check out these articles for more information:
What is Facebook Pixel?
A Facebook pixel is a piece of code that you place on your website and collects data from customers of Facebook. This pixel helps advertisers track purchases, and helps optimise their ad placements and ad spend to build more effective digital campaigns. It works by placing cookies to track user behavior as they interact with the advertiser's business both on and off of Facebook and Instagram.
Find out more about Facebook Pixel
What is the difference between data privacy and data security?
Data privacy and data security have been used interchangeably, however, they are different. Data privacy is about the governance of personal information. This is typically defined by privacy legislation and provides the laws to give consumers and individuals more rights when it comes to companies who collect, use and disclose the use of their personal information.
Data security specifies the rules and best practices that a company should follow to ensure the personal information they store and use within their systems are kept safe. Most of this requires technical safeguards to minimize the chances information is leaked or data is breached from the system.
What is the Right to Rectification?
Individuals have the right to correct any inaccurate or incomplete personal information about themselves. Businesses must make it easy for customers or subscribers to make this request and have it resolved without delay.
What does consent mean and what does that mean for me?
When a company collects personal information, individual consent or permission must be given to allow that company to collect, use and disclosure this information. Generally speaking, there are two types of consent an organization may obtain:
1) Explicit Consent (also known as express consent.) In this case, there needs to be clear, documented consent, given either verbally, written or through another form of digital attestation (for example, video or audio.) Disclosure of the purpose for which the data is being used must be made at that time. A common example: an individual subscribes to an email newsletter. When s/he will submits their information, they subsequently receive a link in their email to provide “explicit consent."
2) Implicit Consent (also known as indirect or inferred consent.) Individuals may voluntarily provide information to a company to collect and use the information for specific purpose(s) given at the time. For example, retailers may ask customers for implicit consent to send them emails so they can receive relevant offers.
For the most stringent privacy legislation—known as the GDPR—this means that the personal information must be freely given, consent must relate to a specific purpose, and the individual must fully understand why the data is being collected.
As easily as consent is granted by an individual, a company must make it just as easy to allow an individual to remove their consent or opt-out.
Do I have the legal right to delete my data?
The short answer is that it depends, but probably not. The truth is it depends on the company.
Why? Data protection laws in the US are very fragmented. A small handful of states have decided to legally protect their citizens from the extractive model of most companies on the internet but many states have not. That doesn't mean that individual companies can't give you that right without being required to by law (like we do) but ultimately, at this point in history, it's up to the company's discretion unless the state or nation legally requires it out of them.
You can learn more about what rights you have in your state here: https://iapp.org/resources/article/state-comparison-table/
How long does it take to respond to a data access request?
The short answer is that it depends. The first question is whether or not your state protects you at all. You can find out more here: https://iapp.org/resources/article/state-comparison-table/
If your state has legal requirements for companies to protect its citizens, time to respond to data request still varies and in most cases is not automated. Some states require companies to respond within 30 days, some give companies 45 days, some give 60 days.
The number of days is also dependent upon when the request is received. For example, if it took the company 10 days to get to your email, most companies then have the legally defined response days from the date the email was opened.
Lastly, a company may make an extension request that doubles the amount of time they have in order to respond. This varies across jurisdictions.
What are my rights as a user (or "data subject")?
This is a tricky question that depends on where you live. The most common data rights being fought for are:
- Right to Access
- Right to Rectification
- Right to Deletion
- Right to Restriction
- Right to Portability
- Right to Dispute Automated Decisions
These rights are not guaranteed for everyone around the globe. For full detail as to what rights you have as a citizen of the United States, you can view the US State Comprehensive Privacy Law Comparison by the International Association of Privacy Professionals (IAPP).
What is a "loyalty-binding" agreement?
One of the biggest problems with legal documents today is that for small businesses, it feels like you're serving divorce papers to your customers, clients and other members of your business eco-system. That is not how you want your customers to feel.
Our goal at Pulse is to make sure you feel just as comfortable extending policies to your people as they feel reading and agreeing to them. That's why we call our policies, contracts and other legal documents "loyalty-binding" agreements.
What is the Right to Understand?
The majority of data policy is written at a post-graduate reading level in language. In the US, those over 25 years of age who have graduated with a bachelor degree make up roughly just over 1/3 of the population. The average American reads at an eighth grade reading level or below. This means for the average American, the ability to comprehend data these complex data policies is low.
We believe people deserve a Right to Understand and have made that very clear to lawmakers around the nation. To read more about this idea, you can check out this this article.
Do 'human-readable" policies put my business at greater risk of legal action?
In short, no. Here's why:
Lawyers have spent years perfecting the legal documents that now control our world. The problem is the majority of us are unable to understand any of the policies without lawyers.
The current state of legal policy is a world built by lawyers for lawyers–so complicated the average person depends on the legal system. This has created a costly impact on society that we believe needs to change.
Any policies, contracts or other legal documents created by Pulse are just as descriptive but use more human readable language. We believe this actually creates better clarity, description and, hence, more protection.
By default, all policies are written to be understood by the average person. We also have built our policies to be visual and interactive so that information is given in digestible chunks within the context of your interactions. This makes policies even easier to understand, engage with, and thus easily to provide consent.
So no, your business will not be a greater risk legally. In fact, we believe your business will be set up for even greater success because people trust you.
What happens if laws update around the globe? Do I need to be watching for changes to data policy?
In short, no. Nothing will happen to you if the laws update because we'll update your policies for you. And if there's anything significant (if there are any "material changes" to the law) and we need you to manually update things or give us more information, we'll let you know to give you plenty of time to respond.
What is the biggest problem small businesses have with data policy and how does Pulse solve it?
One of the biggest issues small and medium businesses (SMBs) have with data policy is that the overwhelming majority are just getting familiar with the internet, at the same time, recognizing what data they're collecting, how it's being used, and why.
Pulse reverses the current paradigm of you, the small business owner, who needs to know all these details. Pulse lets you work with a system that does the thinking for you—as if you were working with a lawyer.
That means instead of telling us all of the data you're collecting, what servers in which they're stored, who has access to them, for how long, etc, you simply tell us what site(s) you're using to build your digital experience, integration(s) you're using, how many people visiting your site, and a few other details, and we'll do the rest for you.