Privacy and Security

Sometimes you want to use your profiles without exposing all of the data inside.


For example, if you are doing website personalization with Profile Cloud you might want the website to use visitor’s browsing history on your site, which you track and store in Profile Cloud. But you might also have call center data in your customers' profiles that you prefer is not exposed to them.


Profile Cloud provides a mechanism called Blacklists that allow you to configure what data in a profile is visible to what actors.


Let’s say we have two apps, Web Personalisation and Call Center. Call Center is a Collect app that feeds data about your users’ interactions with your call center into their profiles.


By adding Call Center to the blacklist of Web Personalisation, all the call center data will be hidden from Web Personalisation. It will still get all the rest of the profile and be able to use this for personalisations.


By blacklisting apps to each other, you have full control over what data is available in what setting. This is particularly useful for open channels like the web, where you might only want to show a subset of all profile data.


Steps

Go to the bucket settings in the bucket list. Click on the App you want to add restriction to and click on “Add collect app to blacklist


An admin can set a list of IPs (or IP ranges) from which a user must connect to the GUI. For instance, to restrict the user (or anyone who would have stolen the user’s login/password) to only connect from the office IP.


To do this, go to My Account in the top right-hand corner of the GUI and click on Users. A list of users will be displayed.


Click on a user's name. A screen will be displayed (an example is shown below) showing the user's profile.


Add the IPs (or IP ranges) to the Whitelist IPs field.



A user can see a log of login attempts on their account or on all accounts in their company if they are an admin. This is a useful feature to gauge how active users are and to determine if there may have been a security breach.


Go to Account in the top right-hand corner of the GUI and click on Administration.


A list of users will be displayed showing the last login for each user. For additional detail on attempted logins, both successful and unsuccessful, click on the user's name. A screen will be displayed (an example is shown below) with a log of recent logins.


Admins can set an expiration date for users in their account.


Go to Account in the top right-hand corner of the GUI and click on Administration. A list of users will be displayed.


Click on a user's name. A screen will be displayed (an example is shown below) showing the user's profile.


Click on the field Expiration date and insert your desired expiry date.

Privacy control is functionality within the APSIS Web Data Collection app, that allows you to manage how different apps and web events related to your website are activated depending on user acceptance/rejection.


Typical uses of this functionality would be to handle cookie compliance laws, or to allow users to explicitly opt-in / opt-out of different types of data tracking and personalization mechanisms.

How it works

Privacy control works with something called Activation Policies. An Activation Policy describes how a specified set of apps or tags should be activated.


Activation Policies are defined per section, so if you have multiple sections you might need to configure multiple Activation Policies. This also means you can have different activation logic on different sections.


It is also possible to specify different activation logic for different apps. For example, some apps might be active by default, but allow users to “opt out” from, while other apps might be opt-out and require an acceptance from the user to be “opt-in”.


How to set up a new activation Policy

  • Start by creating a new Activation Policy and give your policy a name

An Activation Policy consists of four parts:

1.    A list of which apps the Policy governs.

Select the application to which you intend to add a conditional rule. An application, in this case, refers to an app or a tag.

             

2.    Whether it is an “opt-in” policy or a “opt-out” policy. 

This controls the default behavior of the selected application, meaning that the user has not provided any explicit acceptance or refusal.

  • If the policy is set to be “opt-in” it means that the application will not be activated until an explicit opt-in Event is triggered.
  • If the policy is set to be “opt-out” it means that the application will be active on the first visit and all subsequent visits, until an explicit opt-out Event is triggered.


3.    An “opt-in Event” reference, specifying the Event that signals to Profile Cloud that the user has Accepted



Any of your configured Events can be used here, or you might need to set up a new Event for this specific purpose.


If the policy is by default “opt-in”, this is mandatory.


4.    An “opt-in Event” reference, specifying the Event that signals to Profile Cloud that the user has Rejected


Any of your configured Events can be used here.


If the policy is by default “opt-out”, this is mandatory.


Example

Scenario

Imagine that we have a website which runs Profile Cloud, Google Analytics and On-Site Personalization (mainly using Geolocation).


On this site, we want to:

  • Get visitor permission before we store any data tracking cookies or save any data into a cloud service
  • Also, allow visitors to the site to “opt out” of any personalization mechanisms

To accomplish this, we would define two Activation Policies:

  • An “opt-in” policy for Profile Cloud Data Collection and Google Analytics. Let’s call this policy “Tracking Policy.”
  • An “opt-out” policy for On-Site Personalization. Let’s call this the “Personalization Policy.”

First task: set up the Tracking Policy:

1.    Go to Innometrics Web Data Collect App and find the “Privacy Control” tab. If the tab is not present, contact your Profile cloud account manager or support@apsis.com  

2.    Click on “Create new activation policy”


3.    Name it “Tracking Policy” and click “Create”


4.    Click “Add new Application”


5.    Search for and add Google Analytics and Profile Cloud Data Collection


6.    Select that the policy should be “opt-in”


7.    Select your opt-in Event. For instance, you might have a cookie bar with a button the user can click to Accept tracking cookies


8.    Save the policy



Now you have a Tracking Policy which will prevent Profile Cloud from storing any tracking cookies (both its own, and Google Analytics’) and prevent any data from being collected by both Profile Cloud and Google Analytics until the user triggers the “Accept Cookies” event.


Setting up the Personalisation Policy follows the same procedure, but using an opt-out policy instead.

1.    Go to Innometrics Web Data Collect App and find the “Privacy Control” tab:

2.    Click on “Create new activation policy”


3.    Name it “Personalisation Policy” and click “Create”


4.    Click “Add new Application”


5.    Search for and add On-site Personalization


6.    Select that the policy should be “opt-out”


7.    Leave the “opt-out Event” empty – since this is an opt-out policy, it is optional and for the current example we don’t need it.


8.    Select your opt-out Event. For instance, you might have a cookie bar with a button the user can click to Refuse cookies

9.    Save the policy


Now you have a Personalization Policy which will prevent Profile Cloud from triggering the On-Site Personalisation for any reason.