Site Approval Seal Program

Guardian eCommerce receives many Web site site seal or privacy seal applications, but not all Web sites are approved. In fact, about 6% of Web sites applying for participation in the Privacy Seal Program have failed the Web site certification for compliance with Guardian eCommerce site requirements and/or these Web site code of ethics. Guardian eCommerce has adopted these site seal code of ethics that Web sites must comply with to achieve and maintain their Privacy Seal Program site certification status. These code of ethics have been established to maintain the online privacy and e-commerce security of consumers while acting as a means for Web site certification. It also serves as a reference for how approved Web sites should conduct their e-business activities. Web sites displaying the privacy seal are also committed to abiding by a privacy policy that gives users notice, choice, access, security, and redress with regard to their personal information.

The following Code of Ethics (hereinafter: the Code), is designed to guide Web sites on how to conduct their operation in an ethical and respectable manner. These guidelines represent the minimum requirements for Guardian eCommerce Privacy Seal Program participants engaged in e-commerce which will increase customer trust and confidence. The Code serves the following purposes:

• First, the Code provides standards for Web sites to follow, enabling them to operate in a safe and private manner. Adherence to the provisions of the Code will be a significant factor for Web site certification, especially in subsequent follow-up Web site evaluation reviews. Approved Web sites must comply with these code of ethics and independently establish the means necessary to ensure long-term compliance.
• Second, the Code is the basis for which all consumer complaints against approved member Web sites will be substantiated and measured. Member Web sites must agree to follow the Code and use it as a basis for resolving customer disputes, if any, at the customer's request. A Web site approved by Guardian eCommerce is essentially a Privacy Seal Program participant, demonstrating its commitment to the Code's online privacy and e-commerce security fundamentals.
• Third, the Code contains practical guidelines for which member Web sites should follow. While the Code establishes goals and requirements for Web site certification, it is entirely the responsibility of the Web site to independently apply the Code to their online business model accordingly. The Code and Web Site certification does not address whether the laws, if any, of any particular jurisdiction apply to the Web site's activities. Therefore it is advised that Web site applicants make their own independent determination to ensure that their practices are in compliance with applicable laws before registering into the Guardian eCommerce Privacy Seal Program.
• Fourth and finally, e-commerce is developing at an astronomical rate and this Code may need to be modified from time to time to keep it current with: the evolution of e-commerce, new and emerging types of online business, new and emerging strategies for e-business, and customer needs. Guardian eCommerce reserves the right to update the Code as required.

The Code will make several references to 'Web sites', 'online business', and 'e-commerce' Web sites. For the purpose of understanding the Code, 'Web sites' or 'online business' are online entities that are engaged in any one, or all, of the following online or online business activities: advertising, merchandising, purchasing, marketing, sales and promotion, selling (goods, brand, product, and/or services), consulting, trade agents, other agents, and online information sites (no e-commerce), participating in the Privacy Seal Program.

The following statements represent the seven fundamentals upon which the Code and most importantly, Web site certification is based. Guardian eCommerce will only approve Web sites that demonstrate continued compliance to the Code that encompasses the following fundamentals:

Section One:  Honesty And Integrity - Web sites must conduct their activities in a genuine and honest manner, and should not engage or participate in deceptive or misleading practices or business or activities with regard to any aspect of e-commerce, including advertising, marketing, selling, or in their use of technology. Web sites must be remain truthful, maintaining Web site credibility and business integrity at all times.

Section Two:  Disclosure Of Information - Web sites must disclose to their visitors and prospective customers sufficient information about the online business, the goods or services available for purchase, and/or the transaction(s) to be executed. Consumers cannot make a 'hands-on' inspection of anything being offered on the Web, so offering as much detailed information about products and services would be ideal. Disclosure of information must always be in simple, plain language, maintaining accuracy and truthfulness. Where possible, Web sites should prominently display full Internet business name, contact information, legal identity, and operating address in any one of the Web site's functioning pages. Consumers should be able to easily access this information within the Web site.

Section Three:  Terms Of Sale (Goods Or Services) - Web sites must display, or at least have readily available upon demand, a clear set of terms and conditions of sale, (goods and/or services). Online consumers need to know all the terms and conditions that apply to their purchase(s) or business transaction, including: the 'net' price and currency in which the published price is calculated, shipping charges, taxes, customs duties, customs broker fees, any other charges that will be added to the published price, delivery arrangements, limitations on where the product is for sale or can be shipped, cancellation, return and exchange policies, warranties, if applicable, and any other associated costs. Terms and conditions of any online sale should be located in one easy-to-find place on the Web site, (i.e. Legal Policies section).

Section Four:  Trust, Online Privacy, And E-Commerce Security - Online business Web sites must adopt an online business practice that encompasses the respect for online privacy, e-commerce security, consumer protection, and trust:

• Online Privacy - Web sites should treat customer personal information with privacy, security, and care. Web sites must utilize a privacy policy that not only gives users notice, choice, access, and security with regard to their personal information, but also addresses the online privacy concerns of consumers and Web sites. Address the online privacy of customers and users by developing a privacy policy. The Web site's privacy policy must be posted on the Web site, or, Web sites should make sure this is immediately available when requested by the customer. Web sites must adhere to a privacy policy based on fair information principles, taking appropriate measures to provide adequate security, full disclosure, and respecting customer preferences regarding unsolicited email. Web sites are strongly advised to create a privacy policy that is reflective of Guardian eCommerce's online privacy principles. Although not mandatory for Web site certification, Guardian eCommerce performs Web site certification based on these online privacy principles.


• Unsolicited Email - Although email makes it very easy to reach a large number of customers, sending out unsolicited email or repeated commercial email (spamming) is likely to do more harm than good to a Web site's reputation. If a Web site intends to send unsolicited email, it must do so with the means of the customer having the option to refuse, unsubscribe, (or 'opt-out') of further emails, and such customer requests must be honored by the Web site.


• Open Disclosure - If Web sites intend to use any of the personal information collected from their customers, by selling it to a mailing list, for example, Web sites MUST get their consent first OR CLEARLY specify this intention in the legal and/or privacy policy area of the Web site. Web sites should be straight-forward and up-front about its intentions including how personal information is used, transaction systems employed, if any, and the degree of security it provides for customers and their financial information.


• SSL Seal And SSL Security - Web sites must utilize SSL security for any e-commerce activities (financial information collection, online transactions, etc.) conducted. Online transactions of any kind should transpire only in an SSL secure environment that may be identified by an SSL Seal. Representations made about a Web site's SSL seal or SSL security will be verified. Online payments to be conducted within the Web site MUST be in an encrypted SSL connection, (SSL session encryption strength, SSL server certificate, SSL certificate authentication, and SSL certificate expiry will be analyzed for 'actual' e-commerce security provided vs. posted. The Privacy Seal Program 'Approved Site' acts like an SSL Seal mechanism. An SSL Seal displayed on a Web site means that the Web site uses secure SSL session encryption. To obtain the SSL Seal or Privacy Seal, our approved Privacy Seal Program certified sites must utilize SSL security where applicable. SSL technology utilization is recommended for all transmissions of sensitive personal online consumer and financial information. Web sites that meet these code of ethics will be issued the Privacy Seal or SSL Seal.

Section Five:  Customer Satisfaction - Web sites must seek to ensure their customers are satisfied at all times by honoring their representations, answering questions, and resolving customer complaints and disputes in a timely and responsive manner. Web sites should independently implement the measures necessary to maintain customer satisfaction and ultimately respect the customer in all facets of online business activities. Web sites should try to enhance online consumer confidence by providing them with an effective, but simple, process for handling complaints, concerns and inquiries.

Section Six:  The Protection Of Children - If Web sites target children under the age of 13, then extreme care should be used at all times. Web sites should try to protect children at all times, taking into consideration that a child's mental capacity is limited. Children under the age of 13 are still developing mentally, and almost all have cognitive limitations. Therefore, online business and other Web sites must govern their actions accordingly, using extreme care when targeting children under the age of 13.

Section Seven:  Abiding By The Law - Both e-commerce Web sites and information-based Web sites must ensure their online or e-commerce activities and practices fall within their established legal boundaries and is in accordance with their local, state, provincial, and federal laws, if and where applicable. Where no definitive law is applicable to one or all online or e-commerce activities of a Web site, then the site in question must execute the use of good morals and sound judgment in its activities or practices. Otherwise, Web sites or e-commerce Web sites must operate in accordance with governing law. It is up to the Web site operator(s) or owner(s) to independently check, verify, and confirm that it functions in a manner that is legally acceptable.