On May 25, 2018, the General Data Protection Regulation (GDPR) will come into full force. We at GA Connector are committed to being fully compliant with the new EU requirements.

This new regulation, which is aimed at protecting the privacy of EU citizens, expands citizens’ and residents’ control over the data they share on the web.

Below is a list of features that are required in order to comply with GDPR. We will continue to work on them regularly to help you be transparent with your clients.

 

What it means What GA Connector implemented
Lawful basis of processing We need legal reason to process your data. This can be consent, legitimate interest or a contract.
As a controller, you need to track the lawfulness of contact given.As a GA Connector user, you give consent the moment you opt in.
We updated our legal documents:
Terms of use, Privacy policy, Cookie policy.
Withdrawal of consent (or opt-out) After signing up for GA Connector, you will get a number of emails to help you install our app.

We won’t spam you, ever.

You can unsubscribe automatically by clicking “unsubscribe” in an email or manually by emailing contact@gaconnector.
Cookies When using GA Connector apps, you will need to notify your clients that you are using cookies to track information about them. Consider the plugins below for an easy update on cookies policy: Cookibot, OneTrust, GDPR Cookie Consent, Iubenda.
Deletion Everyone has the right to be forgotten. GDPR requires the permanent removal of subject’s data upon request. You will have 30 days to respond to deletion requests. To delete your personal data or your client’s information, please contact us at gdpr@gaconnector.com.
Access / Portability You and your clients have the right to access personal data we have about you. To request a contact record, please contact gdpr@gaconnector.com.
Modification GDPR gives the right to modify data, should it be inaccurate or incomplete. To modify your personal data or your client’s information, please contact us at gdpr@gaconnector.com.
Security Measures GDPR raises standards in digital security. To stay compliant, personal data needs to be encrypted, and encryption keys should be stored separately from data. All personal data (email and/or telephone) that is stored on our server is encrypted.

Privacy considerations depending on the type of integration

GA Connector consists of several apps that each serve different purposes, depending on the type of integration.

Each app is built differently and has different privacy considerations:

Salesforce-to-Google Analytics:

GA Connector Salesforce-to-Google Analytics integration is a managed Salesforce package that monitors changes to your Salesforce records, such as:

  • Lead status
  • Opportunity stage
  • Opportunity amount.

In the event of any changes, GA Connector sends data directly to your Google Analytics account via secure HTTPS protocol.

This package doesn’t store any of your data on our servers. Everything is stored either in your Salesforce or in your Google Analytics account.

Furthermore, because of the way Salesforce security was built, it’s technically impossible for us to gain access to your data through this package. You can read more about that here.

Zoho-to-Google Analytics

Zoho-to-Google Analytics works the same as Salesforce-to-Google Analytics, except that for certain technical reasons, it doesn’t send data directly to Google Analytics, but sends it first to the GA Connector server and the server sends it to Google Analytics.
We don’t store any of your data.

GA-to-Salesforce and GA-to-Zoho integration v2.0

This is the only case where we store information on our servers.

Here is what we collect:

  • First and last click source information (source, medium, term, campaign, content, landing page, etc.)
  • Location and time zone (based on user’s IP address, which we don’t store anywhere in our system)
  • Information about device (browser, device type, device version)
  • Google Analytics client ID
  • Email addresses and phone numbers that users enter in forms on the website (in order to be able to match visitor data with CRM data).

All data is securely stored on Digital Ocean in NYC. Industry-standard security measures are implemented in order to protect this data.

You can read more about how this type of integration works here.

GA-to-CRM v1.0

When a user visits a website with a GA Connector v1.0 tracking code, the tracking script collects information about the referral URL and landing page URL and sends it to our server via encrypted HTTP protocol. The server returns parameters to the script and stores them it in cookies and hidden form fields.

After that, GA Connector’s job is done, and the website forms just deliver the information in the cookie or hidden fields to the CRM.

 

FAQ

Is GA Connector fully compliant?

Yes. We do our best to stay transparent and honest with our clients. We are preparing new features and updates.

Does GA Connector store personal information?

Not until users start filling out the forms on your website, at which point you should ask for consent to store this information.

Until users start interacting with your forms, GA Connector doesn’t store any personal information. For this reason, we stopped storing users’ IP addresses; since we don’t have any control over the Cookie Policy on our clients websites, we decided not to store this data or send it to CRM systems.

Where is my data stored?

GA Connector data is processed and stored with Digital Ocean data storage. It’s located in the NYC area. Digital Ocean supports GDPR and will be fully compliant by May 25, 2018.

Will GA Connector be able to comply with the right to be forgotten?

If your clients want their data erased, please contact us via gdpr@gaconnector.com and we will handle the case manually. GA Connector is working on the automation of this and other features.

Do I need to have client consent before a session starts with GA Connector?

This is not necessary. The information that GA Connector stores before form submission is not classified as private. Private information may be tracked when submitting forms, so at this point you should ask your clients for consent.

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *