In this article we describe how data is collected on your website, how long it is stored for, how it is passed to your Emarsys contact database and how all of these are affected by data protection legislation (in particular GDPR).
Emarsys is not a law firm specializing in data security legislation, and we do not offer legal advice. We want to help you to understand how this legislation can affect you as an Emarsys customer, and this article assumes that you are using the Emarsys Marketing Platform properly, according to our documentation.
You should always refer to a qualified legal source when it comes to checking whether or not you are compliant in any given situation.
Web Extend and GDPR
- Web Extend and GDPR compliance
- Opting out of behavior tracking
- Retrieving or deleting historical data on request from a customer
- I'm not sure - I still want to disable Web Extend
General information on web data collection
Web Extend and GDPR compliance
In order to understand Web Extend in terms of GDPR compliance, you need to differentiate between its two functions:
- Tracking visitor behavior on your website and storing this data indefinitely in the Web Extend database.
- Enriching individual contact profiles in your Emarsys database with this data.
1. Tracking web behavior
You do not need to disable the Web Extend scripts in order to be GDPR-compliant!
- Anonymous data is collected from visitors who have not yet logged in or registered, and is used to build product affinity models as well as to offer generic recommendations such as the most-viewed or best-selling products. Once a visitor logs in, the data from that session becomes pseudonymized.
- Pseudonymized data is associated with an individual visitor but cannot be directly linked to a contact in your Emarsys database, nor used to establish the identity of any natural person.
2. Enriching contact data profiles
The Web Extend database regularly updates your Emarsys account with the data it has collected on visitor sessions. Here the pseudonymized identifiers for these sessions are matched to the identifier keys stored in your Emarsys contact database.
- In the case of externalID, this key is entered in a custom field created by you.
- In the case of Emarsys emailhash as identifier, the key is stored in the predictUserId and predictSecret contact database fields.
This is the point at which the GDPR restrictions on data processing and data subject rights become more significant, mainly in the form of these three obligations:
- To offer the customer the chance to opt out of behavior tracking
- To retrieve all the data you have on the customer
- To delete all the data you have on the customer
When Web Extend sends the data to your Emarsys contact database to enrich contact profiles, this takes place within the Emarsys data security infrastructure and is covered by our security accreditations.
Opting out of behavior tracking
2. Opting out of profile enrichment
You can give your registered customers the option not to have their contact profiles in your Emarsys contact database enriched with the data collected by Web Extend. This will not affect the way the cookies behave on your website, but will simply break the connection between the pseudonymized data and the contact's database profile.
When registering new contacts
For existing contacts
In both cases, you should implement a suitable method to change the value of the field Do not track me to
Retrieving historical data on request from a customer
The process is the same as described above for the opt-out. You should collect the email address of the contact and attach them to a support request. We will then execute the desired action within the 30-day limit as prescribed by GDPR.
I'm not sure - I still want to disable Web Extend
If for some reason you are still not convinced by what you have read so far, and still want to disable Web Extend on your site, we have one last option for you.
You can submit a support request to stop the Web Extend database from syncing with your Emarsys contact database. When we suspend this function, no contact records can be updated with any data collected on your website.
The advantage of this option is that you can still continue to collect generic, anonymous data on visitor behavior, which will at least help to build up the statistical models for product affinity, as well as track the most-viewed and most-bought products. However, you will not have any of the advanced features such as revenue attribution or personalized recommendations available.
When you ask us to resume the sync, only the previous two or three days' worth of data will still be available to enrich the respective contact profiles.
Which data is collected and stored by the Web Extend commands
This data is used to build the statistical models that underpin many of our personalization algorithms.
The data collected is:
- Browser and version
- Operating system
- Referring URL
- IP address (hashed and abbreviated)
- Session and cookie IDs
setEmail command does receive a personal data (US: personally identifiable information, or PII) as input: the contact's email address.
However, this email address is hashed using a proprietary algorithm in the end-user's browser, and only this hashed ID is passed on to and stored by Web Extend.
Reverse engineering the hash is beyond reasonable efforts by today's technology.
Email address as identifier in Sales Data files
A subsystem of Web Extend, the Sales Data Service, also receives personal data/PII (the email address of the contact) for input in some implementations.
setEmail, this email address is hashed immediately as the file is processed, and only this hashed ID is stored with these sales data files.