This paper presents SecPALP, a language for specifying both users’ preferences on how their personally identifiable information (PII) should be treated by data-collecting services, and services’ policies on treating collected PIIs. Preferences and policies are specified in terms of granted rights and required obligations, expressed as assertions and queries in an instance of SecPAL (a language originally developed for decentralized authorization). This paper further presents a formal definition of satisfaction between a policy and a preference, and a satisfaction checking algorithm. Based on the latter, a protocol is described for disclosing PIIs between users and services, as well as between third-party services.