Website Privacy Validation (2/6): Is my “Do Not Sell/Share” link present on all pages?￼
The California Consumer Privacy Act (CCPA) requires that consumers can opt-out of having their personal information sold or shared by businesses that collect it on their websites. That means that if your site can be visited by California residents, then it is a best practice to have a “Do Not Sell/Share” link accessible from every entry point.
If we scroll to the bottom of their site, we can see “Do Not Sell My Personal Information” in the bottom right corner of their footer, illustrating that they're obviously making efforts to be in compliance with certain CCPA guidelines.
Using the ObservePoint platform, we set up a high-level Discovery Audit to scan 1000 pages of OneTrust’s public website. (Because they’re great at privacy compliance, a shallower audit of their site resulted in no issues, so we had to dig a little deeper to find anything we could discuss!)
An ObservePoint custom tag can be configured to look for specific words or links on any webpage. This can be done through employing "On-Page Actions" within the configuration settings of any ObservePoint Audit. We set it up here to look for the words “Do Not Sell My Personal Information" on all scanned OneTrust pages.
The results of this specific check can then be seen in the Variable Inventory report, under the tag name "ObservePoint Data."
If you dive in and look at the results therein, you will see the breakdown of what we found. In this Audit of OneTrust.com, we see that 923 pages have the “Do Not Sell My Personal Information” link (using that specific syntax). Awesome! However, that means that over 7% of the pages we audited do not have that specific string present and therefore may be falling short of the desired standard.
Now this link should probably be included in a global footer and thus available on every page on which the footer is present. So either that global footer isn't on every page, or it's been dynamically changed on certain pages for some reason. In this specific Audit, we found instances of a couple different (older?) footers on some pages that do not include a “Do Not Sell/Share” link, as well as a number of links to pages without any footer at all.
If you’d like to see how your own website fares in delivering consistent coverage of your “Do Not Sell/Share” links, reach out about getting started.
Read the next post in our Website Validation Series: Is my cookie consent banner tag present on all pages?