On May 25, 2018, the General Data Protection Regulation (GDPR) will come into full force. We at GA Connector are committed to being fully compliant with the new EU requirements.
This new regulation, which is aimed at protecting the privacy of EU citizens, expands citizens’ and residents’ control over the data they share on the web.
Below is a list of features that are required in order to comply with GDPR. We will continue to work on them regularly to help you be transparent with your clients.
|What it means||What GA Connector implemented|
|Lawful basis of processing||We need legal reason to process your data. This can be consent, legitimate interest or a contract.
As a controller, you need to track the lawfulness of contact given.As a GA Connector user, you give consent the moment you opt in.
|We updated our legal documents:
|Withdrawal of consent (or opt-out)||After signing up for GA Connector, you will get a number of emails to help you install our app.
We won’t spam you, ever.
|You can unsubscribe automatically by clicking “unsubscribe” in an email or manually by emailing contact@gaconnector.|
|Cookies||When using GA Connector apps, you will need to notify your clients that you are using cookies to track information about them.||Consider the plugins below for an easy update on cookies policy: Cookibot, OneTrust, GDPR Cookie Consent, Iubenda.|
|Deletion||Everyone has the right to be forgotten. GDPR requires the permanent removal of subject’s data upon request. You will have 30 days to respond to deletion requests.||To delete your personal data or your client’s information, please contact us at email@example.com.|
|Access / Portability||You and your clients have the right to access personal data we have about you.||To request a contact record, please contact firstname.lastname@example.org.|
|Modification||GDPR gives the right to modify data, should it be inaccurate or incomplete.||To modify your personal data or your client’s information, please contact us at email@example.com.|
|Security Measures||GDPR raises standards in digital security. To stay compliant, personal data needs to be encrypted, and encryption keys should be stored separately from data.||All personal data (email and/or telephone) that is stored on our server is encrypted.|
Privacy considerations depending on the type of integration
Each app is built differently and has different privacy considerations:
GA Connector Salesforce-to-Google Analytics integration is a managed Salesforce package that monitors changes to your Salesforce records, such as:
- Lead status
- Opportunity stage
- Opportunity amount.
Furthermore, because of the way Salesforce security was built, it’s technically impossible for us to gain access to your data through this package. You can read more about that here.
Zoho-to-Google Analytics works the same as Salesforce-to-Google Analytics, except that for certain technical reasons, it doesn’t send data directly to Google Analytics, but sends it first to the GA Connector server and the server sends it to Google Analytics.
We don’t store any of your data.
GA-to-Salesforce and GA-to-Zoho integration v2.0
Here is what we collect:
- First and last click source information (source, medium, term, campaign, content, landing page, etc.)
- Location and time zone (based on user’s IP address, which we don’t store anywhere in our system)
- Information about device (browser, device type, device version)
- Google Analytics client ID
- Email addresses and phone numbers that users enter in forms on the website (in order to be able to match visitor data with CRM data).
You can read more about how this type of integration works here.
After that, GA Connector’s job is done, and the website forms just deliver the information in the cookie or hidden fields to the CRM.
Is GA Connector fully compliant?
Yes. We do our best to stay transparent and honest with our clients. We are preparing new features and updates.
Does GA Connector store personal information?
Where is my data stored?
GA Connector data is processed and stored with Digital Ocean data storage. It’s located in the NYC area. Digital Ocean supports GDPR and will be fully compliant by May 25, 2018.
Will GA Connector be able to comply with the right to be forgotten?
If your clients want their data erased, please contact us via firstname.lastname@example.org and we will handle the case manually. GA Connector is working on the automation of this and other features.
Do I need to have client consent before a session starts with GA Connector?
This is not necessary. The information that GA Connector stores before form submission is not classified as private. Private information may be tracked when submitting forms, so at this point you should ask your clients for consent.