I would be interested in and grateful for any views relating to the
following:
I have come across a situation where a client has designed a website for
selling services online. As part of the process, they have put together a
robust privacy policy and marketing data protection notice (that covers all
channels) based on a opt-out (they are aware of future changes regarding
the new communications directive). These are provided to site users in
advance of any transmission of information.
However, they have designed the site whereby the user is only advised what
fields are mandatory 'after' they have completed the fields on a particular
page and pressed enter to move to the next page (note: this is not the
submission page).
A message is displayed at the base of the page indicating those fields that
are mandatory.
I have reviewed the fields and do not feel that the type of information
they are collecting is necessarily excessive (case by case basis according
to the Information Commissioner) but would be interested for views on
whether this form of collection would render the information
collected 'excessive' by virtue of the fact that they should have
asterisked or highlighted compulsory fields. The type of information
collected is mobile phone number, evening phone, email address etc
The costs involved in changing to notification of mandatory fields in
advance are considerable now the site is set up and we want to avoid this.
It may also be costly to put a notice earlier in the site to advise users
that only certain fields are compulsory.
I would be interested to know if DP minds greater than my own might find a
window in this one that could argue that this is not excessive on the basis
that users do not have to complete these fields.
Thanks
Jonathan
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|