Recently, we hosted a webinar featuring our Security Program Manager, Charlie, breaking down GDPR and how our customers can take on their new privacy responsibilities. We received a lot of great questions but didn’t have time to respond to them all, so we thought we should put the answers in a blog post where everyone can find them.
1. What personal data is required to use Localytics?
As part of your integration of the Localytics SDK, you control the request for permissions from your end users and which data points should be collected through the SDK. Keep in mind that If your users opt out of data collection then no data is collected or processed.
Once your permissions and data collection instructions are in place, there are a set of basic session data points that will be automatically collected by our SDK which includes the two data points we discussed (IP Address and our install ID) that cannot be custom suppressed. We discussed these specific data points because it is important to ensure full transparency around the data we will require to process any data for our customers, the data controllers.
IP Addresses are not stored in any of our analytics tables. They are required to set up the communication channel between the SDK and our back-end for data upload. Localytics uses IP address to perform high-level location (country, region, state, etc.) and carrier data lookup. That ‘looked-up’ information is further processed, and IP addresses are discarded.
Install IDs are the random, unique identifiers our SDK will set during an end-users first application launch. These are the identifiers we require to effectively understand unique devices, and provide analytics with reasonable accuracy.
2. If I determine certain data points aren’t explicitly necessary for our business, can I instruct Localytics to stop collecting them?
Localytics does not have the ability to switch specific data points on/off per device upon request, or via a support ticket. However, the Localytics settings dashboard provides the ability to disable various events and attributes globally. Once disabled, our processor will drop these data points after ingest. Using these settings may be a useful way to disable any events globally until your next app update, at which point you can reconfigure the Localytics SDK to no longer collect the data in question.
3. Once a user is opted out, is there a way to collect any information from them? What about sending them messages?
Localytics’ approach is to provide a method to allow an end-user to fully opt-out of data collection, tracking and targeting. This ‘fully’ opted out approach is in place to support end-users’ rights to use your applications without being tracked or targeted at all.
Our APIs are also flexible enough to support any partial opt-out use cases you want to build out. In any of those cases you can can configure the SDK to collect data based on your custom permission sets you define. Instead of taking an all-or-nothing approach to data collection you may want to consider providing different levels like this:
- Allowing end-users to opt-out of all data collection
- Allowing users to opt-in to basic, anonymous session data collection – and receive general messages
- Allowing users to opt-in to collecting in-application activity data collection to receive content and notifications relevant to their activity and preferences
- Allowing users to opt-in to collect personalization data such as their name and email to allow for very a personalized, curated user experience across all applications.
Implementing the different levels of consent will require some customization to fit your specific app needs.
4. If a user requests to delete their data, will Localytics also remove the install identifiers? If so, will I also lose the ability to recognize new users vs. existing users, and to associate various events to the same session?
Yes, and Yes. In the scenario where a user requests to be forgotten, Localytics will no longer collect and process data for that device. Additionally, the ‘privacy delete’ instruction will be set, and Localytics will begin deleting the identifiers and profile data — including install_UUID for that specific device.
As that user will be opted-out of further data collection, Localytics will no longer need to identify that user as new vs existing, nor will we associate that device with any events. They are forgotten, and no longer a device in Localytics. If that user chooses to opt back into data collection, the install_id would be re-ingested, we would see that user as a new device, and begin associating activities, events, etc. for that new device/user.
5. What do I need to think about as I work towards making my app GDPR compliant?
To help get you started here are some action items to consider:
Review the data you app is collecting and classify the personal vs non-personal information. Of the data you’re collecting that is personal, decide if you need to be collecting it in order to understand and engage with your end users and take steps to stop collecting data you don’t need.
Integrate SDK 5.1+
Work with your security, legal, and dev teams to determine the best way to request permissions for data collection and inform end users of your new privacy policies. For example, you could build an in-app message that appears on app launch that requests permission for data collection and use the SDK to capture which users have opted in or out.
Get a Data Processing Agreement
If your legal and privacy teams determine that you are subject to GDPR, and you require an appropriate contract in place with your data-processors, you should consider implementing a Data Processing Agreement (DPA) with each vendor that handles personal data. A DPA is basically a contractual addendum that commits your vendors to ensuring they fulfill their obligations as a data processor under GDPR.
There have been a number of questions about when and how to inform end users about updated privacy policies, and under which circumstances it is acceptable to collect data from end users. These are the types questions that we can’t provide the answers to. It is important to work with your security and legal teams to define your specific privacy policies and determine what data may be collected with or without notice or consent.
Our objective is to provide you the flexibility to control the collection of data as deemed appropriate and necessary for your specific products and applications. You can find documentation on SDK 5.1 in our developer docs.