Privacy Notice
Browser cookie
The Attraqt activities SDK uses persistent cookies (browser local storage) to store the session id of a user or a boolean representing the opt out option of the user. The session id is either provided or generated by the SDK. When generated, it will be represented by a UUID.
The cookie is persisted until the user clears the browser cache.
Server side data processing
Collected data
| Data points | Purpose | Data processor |
|---|---|---|
Session id and the anonymized logged in user id (email, username, user id) | Cookie matching feature and calculation of user journeys | Attraqt |
User traits (you decide what exact information is being sent) | Enables the use of personalization algorithms | Attraqt |
Users IP addresses | Operational monitoring (capability to implement active protection and to do post-mortem security reports in case of attacks and breaches) | Attraqt |
Personal data removal policies
Activity events data
User information is anonymized, and impossible to retro-match to an individual user. All users activity data will be stored on the Attraqt platform as long as the client contract dictates the access to services.
Operational data
The policy for operational logging is as follows:
Online log analysis sub-system (ELK) - rolling window of 2 months.
Backup of logs - 2 years. Purging occurs on regular monthly basis.
Security measures
Segregation
Changing security settings - privileged administrator access only for dedicated and trained team.
Encryption applied to logging storage.
Communication over Internet uses secure transport protocol (HTTPS/SSH).
Place of processing
User data (ids, traits, IPs) is stored and processed in EU. Activity events are stored and processed in EU and the same region as FHR or XO.
| FAS/XO region | User data (ids, traits, IPs) | Activity data |
|---|---|---|
EU | EU | EU |
US | EU | US + EU |
AP | EU | AP + EU |
Last updated