Plaxo respond to privacy and other issues
Further to my column in this week’s FEER and WSJ editions about the contact updater Plaxo, here’s the company’s full responses to my questions about the product.
1. How exactly does Plaxo hope to make money from the venture? If this information is still private (as I’ve seen in other articles), why? And how do you convince members of the public to entrust their private information with you if it’s not clear how you make money from it? I saw reference to a corporate edition as the product that will be charged for. Is that to be the only source of revenue?
Plaxo has a very simple, straightforward way for making money. In the future, we plan to release a premium version of the product that includes new business-oriented features that will include a license fee. We will continue to remain focused on making the free personal use version of Plaxo as good as we can make it: listening to feedback, improving the product and adding new features.
2. And what exactly happens to my information if I don’t subscribe, or to update my information, but if it’s been entered by someone else? Is that information, and the individual concerned, covered by your privacy statement?
Based on your privacy statement — (from http://www.plaxo.com/support/privacy)
The information in a Plaxo member?s address book (“Your Contact List”) is considered to be owned by them. Plaxo does not make this information public or provide any mechanism for anyone else to access this information. From the Privacy Policy:
“Your Contact List will not be shared with anyone and will only be used to provide you with secure, web-based access to its data and to run the Plaxo Contact Networks? (e.g., send update messages) at your request.”
Furthermore, Plaxo offers the option to remove this information from the servers when it is no longer needed (e.g. to send an update request):
“Your Contact List: you can elect not to store your entire contact list on Plaxo’s servers, except to the extent needed to run the Services you choose to use (names and email addresses).”
Plaxo does not provide any way to share one?s account information and contact list with others. Except, of course, your email address is shared with those people that you send update request emails to. Plaxo offers an Autoreply account on the web for those users that cannot or do not wish to download the Plaxo software, but still want to automatically respond to update request emails coming from Plaxo members. When you create this account you enter the information that you want Plaxo to automatically reply with. By creating this account, you are automatically granting permission to share the information to anyone who sends you a Plaxo update request email.
Plaxo?s privacy policy covers all the contents of a user?s contact list. We understand that that this list may include contact information for people that might not have subscribed to Plaxo, Inc and might not ever try to update this information. As part of an account-holder?s contact list, this contact information is protected under Plaxo?s privacy statement.
3. “We use Your Information:
To enable you to use the Plaxo Contact Networks?;
For license reporting and assessment of service levels; and/or to better understand on an aggregated basis how our products are used, gauge traffic patterns and determine what types of content and services are most popular with users of our products and services. “
Could you please explain exactly what “and determine what types of content and services are most popular with users of our products and services” means and how it works in practice. Does this mean that information about browsing and other computer/Internet activities on a Plaxo-installed computer is being monitored and sent to a Plaxo or Plaxo-related computer? If so, what kind of information, exactly?
We log Plaxo feature activities to determine which features are being used and how often they are being used. For example, we track how many users use the Plaxo Reminders feature to determine if the feature is being used and if we need to improve it. This information is used in aggregate (e.g. 23% of the users have accessed a feature) or possibly to contact specific users directly for feedback about the product.
Plaxo does not monitor browsing or other user activities on a Plaxo-installed computer nor does it install any snooping software on a user machine. Plaxo monitors user requests targeted at the Plaxo server in order to track the efficacy of Plaxo-provided products and services. For example, update requests sent out by Plaxo users use one of several available email templates. We track response rates by email template so as to determine which email templates are most user-friendly.
4. “Additionally, we use Your Account Information:
To verify access rights to content, services or software;
To provide you with information about Plaxo products, services, news and events through the Software, the Site or email;
To allow you to purchase and download Plaxo products and services; and/or
To provide you with personalized content programming, instructions and services.”
What, exactly, is personalized content programming, instructions and services and how does it work? Does this mean delivery of information further to that directly related to the contact information requested by the user?
For example, we enter “Hello Rikk Carey” to your web page sign in. Or we may use your name when communicating Plaxo messages, e.g. “Rikk Carey has sent you a card.”
Some examples of personalized instructions and services:
· Weekly reminders to send out update requests for those who have yet to respond to your first update request.
· Branding: Allowing users to replace the Plaxo-standard email signature with a personalized or company-specific one.
· Tracking which ?member groups? a Plaxo user is member of and allowing member groups to link address books.
5. In this paragraph — While Plaxo uses cookies to enable you to use the Services and the Site, and our Web servers automatically log the Internet Protocol (“IP”) address of your computer, Plaxo does not use this information to identify you personally except to provide you with the features of the Services — Could you explain exactly what personally identifiable data you’re handling, and what exactly does ‘Services’ mean in this and other references? I am not clear whether Services means the specific contact-updating package, or some future additional service that Plaxo may offer.
Today, we store your email address and a Plaxo session id in the cookie for security purposes. The session id (a standard Internet security technique) is used to time-out your web session. The email address is the key that we use to match you with your Plaxo account. If these don?t match, no access. If the session id is old, no access.
6. In relation to this last point, could you explain further what those Services might involve? And how will they be tied to the Plaxo product? Will users be required to subscribe to those services to maintain a free product?
See above answer. The Services in the case of the using cookies is simply providing web access to your address book.
We will continue to update the base version of the product and make it available to users at no charge. Concurrently, we will also make available one or more ?premier? versions of the product that will require a software license fee. Users can remain indefinitely on the free version of the software. Alternatively, they many choose to purchase the paid version if they find the added features attractive.
7. In this sentence: “Members may occasionally receive information on Plaxo products, services, news and events. Out of respect for your privacy, we present you with the option to not receive these communications (link to your account Preferences on the web site). ”
I could find not preferences area on the website, only in the software, and none offered an option not to receive such communications. Could you explain, and also clarify whether the option is already checked in (i.e. opt-in) or opt out?
Plaxo Preferences are on both the web site and the software client, as well a link on the message itself (that launches the Preferences).
8. Users are likely to be discouraged, or even alarmed by this sentence:
In the event Plaxo goes through a business transition, such as a merger, acquisition or the sale of a portion of its assets, Your Information and your membership in the Plaxo Contact Networks? will, in most instances, be part of the assets transferred. You will be notified of an ownership change pursuant to Notification of Changes section of the privacy statement.
Could you explain why this might happen, and confirm whether any new owner will not be bound by any of the privacy assurances previously given by Plaxo?
This is normal legal business practice in the USA that applies to all the services that you are familiar with (e.g. Yahoo!, AOL, MSN, etc.).
9. Could you confirm whether ‘notify’ means by email or on the website?
If, however, we plan to use Your Information in a manner different from that stated at the time of collection we will notify you. You will have a choice as to whether or not we use Your Information in this different manner. However, if you have declined member communications, deleted or deactivated your account with the Services, then you will not be contacted, nor will Your Information be used in this new manner.
Plaxo currently has no plans to go through a business transition. However, if such a transition should occur, we will notify users via the website and email if you have opted to receive member communications from us.
10. Does the paragraph below indicate that anyone who has elected not to receive member communications will still have their data stored on Plaxo’s servers?
In addition, if we make any material changes to our privacy practices that do not affect Your Information already stored on Plaxo’s servers, we will post a prominent notice on the Site notifying you of the change. In some cases where we post such a notice we will also contact you, if you have opted to receive member communications from us, notifying you of the changes to our privacy practices.
The two issues are orthogonal. This clause is simply saying that if we make small changes to the Privacy Policy that do not impact Your Information that we will definitely post these on the web site and possibly, depending on the extend of the change, send them via email to those users who have not opted out.
11. I’ve received several emails from unconnected people looking for me to update my contacts. Will all those different versions of my personal data be merged into one? How will that happen exactly? And, in terms of privacy, how will that data be covered?
If you are not a Plaxo member, we do not merge this data. We treat each occurrence as if it was independent of the other. This data is the owned by the person who created the address book and will be treated as Your Contact List.
If you are a Plaxo member, you control Your Plaxo Cards, and these cards define the contact info that you will share with others.
For Plaxo Users: By creating Plaxo Cards that contain optional information that you fill out about yourself in the form of a Business Card and a Personal Card, you choose what information to send to each person. If you choose to designate a Plaxo Card as “public,” this means that if a Plaxo member includes you in their address book with one of the email addresses on the “public” card, that member will automatically receive changes you make to that card. This automatically ensures that all such users have a consistent set of contact information for you. To make a Plaxo Card “public”, you must enable “Allow people who know my email address to look up this information.”
For Plaxo non-users: A person responding to an update request has complete control over what information they provide when responding to each update request. Plaxo makes no attempt to edit or otherwise synchronize the contents of their response.
12. How many updates are sent to those contacts who have not responded to an update request?
You can choose the number of updates to be sent to a person, although it is usually one at a time.
13. What happens to the data of those contacts who do not respond to updates? Does Plaxo keep that data, and if so, what use is made of it?
This data is simply part of the user?s contact list (Your Contact List) and treated accordingly.
The data remains as part of the Plaxo user?s contact list.
14. In my testing I’ve noticed that Plaxo has no clear way of measuring whether a contact has already opened a profile with Plaxo. So, say, I have you in my Outlook and want it updated. As I understand it, an email is sent to you automatically, without Plaxo first checking to see whether a profile of you already exists. Some users have complained to me that they have received several such requests from different people, and that they’re tired of manually updating each request. Could you explain how this feature works, and confirm my understanding?
Plaxo members do not receive update emails if the email address used is one of the member?s validated emails.
If the person you are sending the update request to is not a Plaxo member, they will receive an email from you containing the information that you currently have in your address book about them and requesting for them to verify and correct it in an email reply.
However, if the person that you are sending the update request to is a Plaxo member, you will automatically receive whatever public information is available. This Plaxo member will receive a Notification (see “What are Notifications?”) that this has occurred and asks them if they would like to send more information.
Plaxo also offers an Autoreply account on the web for those users that cannot or do not wish to download the Plaxo software, but still want to automatically respond to update request emails coming from Plaxo members. When you create this account you enter the information that you want Plaxo to automatically reply with. By creating this account, you are automatically granting permission to share the information to anyone who sends you a Plaxo update request email.
15. OK, another question. You’ve clearly been very successful marketing this product, given the number of people already asking others to update their info. How did you manage this? Any particular tricks?
The product definitely has a word of mouth appeal to it. We hope many people will be interested in using Plaxo Contacts once they learn about it from their professional contacts and friends. Also, there?s no limit — Plaxo Contacts works if you have 15 contacts or 15000 contacts.