loader image

Monitoring & Consulting

Websites, apps and other online services change over time, as do privacy laws and best practices. As a result, it is essential for companies to keep a watchful eye on their privacy practices. That is why the ESRB Privacy Certified program provides ongoing monitoring and consulting services designed to identify potential issues on an ongoing basis and work with members to address them quickly and effectively. Thanks to its individualized services, ESRB Privacy Certified helps members maintain compliance with privacy laws and established best practices.

Compliance Reports

ESRB Privacy Certified conducts two reviews each year for every website it certifies while randomly checking members' mobile apps to ensure their published privacy policy is accurate and up-to-date. Ongoing information about compliance helps companies achieve and maintain the best results.

Spot Checks

Regularly conducted spot checks identify areas for improvement. These checks involve ESRB staff posing as a user to assess how the website or app collects and uses its users' personal information. This hands-on, individualized approach helps identify risks before they become actual problems.

Dispute Resolution

We help member companies develop an internal dispute resolution program and offer mediation, if needed. Our Consumer Online Hotline is always available to consumers who have not satisfactorily resolved a privacy issue with a member company.

Consulting Services include:

Initial Compliance Review and Written Assessment regarding relevant state and federal privacy laws in the United States, including COPPA and CalOPPA.

Guidance provided with respect to:


  • TCPA (as it pertains to text messages)


  • PIPEDA (Canada)

  • GDPR (EU)

  • APEC Cross Border Privacy Rules system

Compliance Review and Policy Recommendations for:

  • Privacy policies (reconciliation with EULA, TOS, etc)

  • Engaging users under 13 years of age

  • Mobile gaming and apps

  • Parental consent process

  • EU-U.S. Privacy Shield Framework self-certification

  • Online parental controls or mobile device settings

  • Chat rooms/forums

  • Age gating

  • Online and Multi-player gaming

  • In-game chat

  • Behavioral advertising and use of cookies

  • NAI guidelines

  • Social networking

  • Sweepstakes and contest rules

  • Registration pages and forms

  • E-mail and mobile (SMS/MMS) campaigns

  • Newsletters

  • Vetting third party vendor privacy policies and practices

Additional Services

  • Age/identity authentication services in partnership with Veratad Technologies

  • Translation services

  • Legal referrals outside of the U.S.