When you have completed installation, Send an email to validate@p3pbuilder.com to have your site validated. The Subject line should be 'Validate' and the body only needs to have your home page (http://stansberryresearch.com). You should get a response within 1 business day. *************************************************************************** * * * IF YOU PUT P3P.XML INTO THE W3C SUBDIRECTORY THEN DO NOT ADD ANY HTML * * P3P LINKS TO ANY PAGES AND DO NOT USE THE POLICYREF HEADER * * * *************************************************************************** 1. If you can create subdirectories on the web site then: a. Create the w3c subdirectory (do not use caps). b. Place p3p.xml in the w3c subdirectory. c. Do not add html links or a policyref header pointing to p3p.xml. 2. If you can not or will not create the w3c subdirectory then: a. Place p3p.xml in any web site location. b. Point each page to the policy by using method 1 or 2 (not both): 1) Using a server-side programming language add the policyref header that points to the p3p.xml location. If you are unsure of how to do this or need to combine it with a CP string then contact us. 2) Using html code add the following link to each page Note this example points to the root directory. 3. Edit file http://stansberryresearch.com/privacy.asp for grammar and to match your site. This is the only policy file you are allowed edit. 4. Install the 'Readable' file into location - http://stansberryresearch.com/privacy.asp 5. Best privacy practices are to add a policy link to any pages that collect data. Most sites just add Privacy Policy to the bottom of every page that collects information from an individual. *************************************************************************** * HEADERS CANNOT BE ADDED USING HTML TAGS SUCH AS THE META HTTP-EQUIV TAG * * * * * * NOTE: DO NOT ADD HEADERS USING STEPS 6 AND 7 BOTH. USE ONLY ONE METHOD. * * * *************************************************************************** 6. If you have access to server-side programming then add the compact policy to the HTTP header (Note 3). If your site does not use cookies then you do not need a compact policy. a. Using ASP - Response.AddHeader "P3P", "CP=""UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP""" b. Using .NET Visual Basic - Response.AddHeader("P3P", "CP=""UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP""") c. Using .NET C# - Response.AddHeader("P3P", "CP=""UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP""") d. Using Cold Fusion - e. Using PHP - header("P3P: CP=\"UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP\"") f. Using PERL - print "P3P: CP=\"UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP\"\n"; 7. If you need to add the CP using your server INSTEAD OF a programming language from step 6. a. Apache - Use notepad or your control panel to edit the .htaccess file. Enter the following all on one line: Header append P3P "CP=\"UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP\"" b. IIS - Under 'My Computer' select 'Manage', 'Services and Applications', 'Internet Information Services', 'Default Web Site'. Then right-click the website and select 'Properties.' Select the 'HTTP Headers' tab and 'Custom Headers' 'Add.' The name is P3P and the value is CP="UNI STA NAV COM INT DELi CUR TAI NON COR BUS DSP" *************************************************************************** * * * NOTE: DO NOT ADD HEADERS USING STEPS 6 AND 7 BOTH. USE ONLY ONE METHOD. * * * *************************************************************************** 8. If you are not sure how to proceed, send us an email describing the issues involved. 9. If you have blocked cookies after you install the compact policy, the most efficient path to follow is usually notifying us and providing enough information so we can observe it. Note 1: The HTML policy file may be edited to ensure it matches your site format. Note 2: Do not edit the CP string content or the XML policy will not match the compact policy. Note 3: P3P headers MUST be added before any content is delivered to the browser. Put your header code before the tag. Also note that in all cases the actual CP string is always delivered in double quotes inside the header.