The EU General Data Protection Regulation (GDPR) defines any identified or identifiable person as a data subject. To enable personalization on the websites where you install Personalization, it may store personal data. The GDPR defines personal data broadly, as shown in the following excerpt from Article 4(1):
“[Any] information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” Some examples of personal data include, but are not limited to: name, personalized email address, mailing address, phone number, dynamic and static IP addresses etc.
GDPR grants data subjects specific rights (known as data subject rights) relating to the storage and handling of any data gathered about them.
To help you meet the GDPR requirements for managing, reporting, and removing data subject information, Personalization includes several methods for completing the required tasks. The following documentation describes those methods and explains how Personalization stores personal data.
How Personalization obtains and stores personal data
Personalization uses both profile fields and identifiers to store personal information about data subjects, as described in the following sections.
Profile fields
Personalization tracks visitors to websites as profiles. You can view the profiles in the Personalization interface by clicking the Personalize tab, and the People link.
For more information about profile fields, see the following resources:
Identifiers
Identifiers are used to identify and track visitor profiles. Some identifiers are resolvable, which means their value is unique to an individual; an example of a resolvable identifier is email address. Other identifiers are non-resolvable, which means their values are not unique across profiles (such as name).
Personalization assigns a default, resolvable identifier (tracking ID) to each visitor profile. Use API endpoints to configure other identifier values for profiles (such as email address, name, and Facebook ID).
For more information about profile fields, see the following resources:
Personalization default data collection with Drupal module
For websites using the Personalization Drupal module, the following attributes are collected by default, without any configuration, about the visitor and their behavioral activity.
Note
Individual implementations may choose to collect more or less data about visitors and their behavior patterns at their discretion. The following table represents only the default data collected by Personalization.
Attribute | Example |
---|---|
Content Title | Acquia: Experience Digital Freedom |
URL | https://acquia.com |
Referring URL | https://google.com |
User Agent String | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36 |
Client Timezone | 300 |
Visitor IP | 172.1.1.1 |
Content Type | Landing page |
Page Type | Node page |
Post ID | 123 |
Content UUID | 123e4567-e89b-12d3-a456-426655440000 |
Content Language | en |
Content Published Date | 1495833862 |
Data subject rights
Data subjects may be users of the Personalization group of products, visitors of websites using Personalization (which can include hosted subscribers), or potentially both.
Data subject rights for users
Using the Personalization interface, you can read, remove, or rectify the gathered data for users. Depending on your needs, you can also use the Users API endpoint to complete the tasks.
Data subject rights for visitors
The following table describes how Personalization product users administer the data subject rights for visitors:
Right | Description |
---|---|
Right to be informed | Personalization identifies visitors based on browser cookies, and Personalization users configure which visitor data is obtained. Personalization users must disclose the data gathered to website visitors and describe it in their own privacy policies. |
Right of access | Personalization users can use either the Visitor Query API endpoint or a file export from Personalization to view gathered information relating to a visitor profile. |
Right to rectification | To change person fields, users can either use the updatePerson JavaScript function or do a file import with updatePerson as event_name. To change identifiers, users can use a combination of the PUT and DELETE endpoints of the capture identity API. |
Right to erasure | Using the File Import API, users can import a purgePerson event to erase a specific visitor profile. The process removes any personal identifiers from the profile (including the tracking ID, email address, and name) and invalidates the profile by assigning it an anonymous tracking ID. |
Right to restrict processing | Personalization provides a Users can configure the |
Right to data portability | Personalization allows users to bulk export visitor data as comma-separated value (CSV) files to S3 storage on Amazon Web Services (AWS) by using either the Personalization interface or an API endpoint. Alternately, Personalization users can use the Visitor Query API endpoint to fetch data relating to individual visitor profiles. |
Right to object | You can configure the setDoNotTrack flag for individual visitors when Personalization users want to pause processing for those visitors. For more information about the setDoNotTrack flag, see setDoNotTrack - Personalization JavaScript API. |
Rights in relation to automated decision making and profiling | Personalization users define both the data collection parameters and how to use those parameters for defining segments. Users decide which content is served to which segment. Acquia suggests users (as a part of their own GDPR efforts) have their own policies answering profiling-and-decision-making-related queries from their data subjects. |
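As an added illustration (not Acquia's code or API), the following Python models the visitor-rights workflows in the table above: lookup by a resolvable identifier only, export for access and portability, rectification, the setDoNotTrack pause, and a purgePerson-style erasure that strips identifiers and assigns an anonymous tracking ID. The `ProfileStore` class and its method names are assumptions for this example; the real operations are the File Import API, capture identity API, and JavaScript API named in the table.

```python
import uuid
from dataclasses import dataclass, field

# Identifier kinds as the page describes them: resolvable identifiers are
# unique to one individual; non-resolvable ones (such as name) may be shared.
RESOLVABLE = {"tracking_id", "email"}


@dataclass
class Profile:
    identifiers: dict                              # identifier name -> value
    fields: dict = field(default_factory=dict)     # collected attributes
    do_not_track: bool = False                     # models the setDoNotTrack flag


class ProfileStore:
    """Constructed in-memory stand-in for a visitor profile store (hypothetical)."""

    def __init__(self):
        self.profiles = []

    def add(self, identifiers, **fields):
        p = Profile(dict(identifiers), dict(fields))
        self.profiles.append(p)
        return p

    def lookup(self, ident, value):
        # Only a resolvable identifier can single out one data subject.
        if ident not in RESOLVABLE:
            raise ValueError(f"{ident} is non-resolvable and cannot identify one subject")
        return [p for p in self.profiles if p.identifiers.get(ident) == value]

    def export_person(self, email):                # right of access / portability
        return [{"identifiers": dict(p.identifiers), "fields": dict(p.fields)}
                for p in self.lookup("email", email)]

    def update_person(self, email, **changes):     # right to rectification
        for p in self.lookup("email", email):
            p.fields.update(changes)

    def set_do_not_track(self, email, flag=True):  # right to object
        for p in self.lookup("email", email):
            p.do_not_track = flag

    def purge_person(self, email):                 # right to erasure
        # Strip every identifier and invalidate the profile with a fresh anonymous tracking ID.
        matches = self.lookup("email", email)
        for p in matches:
            p.identifiers = {"tracking_id": f"anon-{uuid.uuid4()}"}
        return len(matches)
```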