Getting started

Use the P3P Policy Editor to create a privacy policy for your Web site that can be interpreted by user agents, such as Web browsers, that support P3P. While you are working on your policy, the editor checks for conformance with the P3P specification and displays policy errors and warnings on the Errors tab.

To create a P3P policy without errors, define global properties for the policy and declare data elements by moving them into one or more data groups. When a data element or data set is moved into a data group, it is declared as part of the policy and known as a policy element. When the P3P Policy Editor is first started, a quick start menu is displayed that allows you to work from a blank policy, choose one of the supplied templates, or to edit an existing policy.

If you choose to disable the quick start menu, the editor loads a blank P3P policy at startup. This section demonstrates some of the capabilities of the editor by showing you how to modify a blank policy and save it without errors. If you have already made changes in the editor since opening it, click File --> New to start with a blank policy.

  1. Select the Errors tab in the Your Policy pane of the main editor window. This tab displays a list of policy errors and policy warnings.
  2. Click Policy --> Policy Properties . The P3P Privacy Policy Properties panel is displayed. This panel is used to set global properties for the policy.
  3. Enter the Organization name .
  4. Enter at least one type of contact information (e-mail address, phone number, or mailing address).
  5. Click the Web sites tab and enter the URL of human-readable privacy policy . This is the location where users can read about the data your organization collects and how it is used.
  6. Select the Assurances tab. This tab lists services or procedures that you set up to assure users that your organization's stated privacy policy is monitored or verified.
  7. Click Add . The Dispute Properties panel is displayed. This panel is for adding or modifying a dispute resolution service or procedure.
  8. Enter the URL of the customer service or independent organization Web page, or the URL that contains information about the relevant court or applicable law used to assure that the privacy policy is followed.
  9. Click OK to close the Disputes Properties panel.
  10. Click OK to close the P3P Privacy Policy Properties panel.
  11. In the Groups pane of the main editor window, right-click the New Group object and select Properties from the context menu. The Group Properties panel is displayed. Groups are used to specify the purpose and recipient of one or more data elements.
  12. Select the Purpose tab and check one or more items that describe why the data is being collected.
  13. Select the Recipient tab and select one or more recipients of the data.
  14. Click OK to close the window.
  15. In the Data Elements pane of the main editor window, select a data set or data element to copy into your group. Each group must contain a data set or element that describes the data that you collect at your Web site. You can copy the data element by dragging it into the group with your mouse or by clicking the Move tool. When you copy data to a group, the data element appears under the Policy Elements tab in the Your Policy pane.
  16. Select the Errors tab in the Your Policy pane. The contents should be empty. If not, click Policy --> Refresh Policy .
  17. Click File --> Save Policy As and save your policy with a .p3p extension. You can also save your policy with a .xml extension for Web servers that are not configured to recognize P3P files.

Now you have just generated your first P3P privacy policy without errors or warnings. However, this policy does not reflect your organization's practices for collecting and using data from users or describe the type of data being collected. For information about setting up a privacy policy that corresponds to your organizations published policy, see the following topics: