AT Internet's Privacy Features

Organisations involved in the processing of personal data must fulfil certain obligations and best practices, specified both at the European level in the General Data Protection Regulation (GDPR) (please see our practical GDPR guide) and at the specific country level.

Within this framework, AT Internet offers a set of features to help you define your processing and strengthen protection of your users' privacy.


List of Privacy features

  1. Opt-out page
  2. Customising personal data history
  3. Anonymising IP addresses
  4. Non-placement of cookies
  5. CNIL exemption
  6. Excluding "non-cookied" traffic
  7. 1st party cookies
  8. Hashing mobile user IDs

 

As data controller, it is your responsibility to adopt the features which address your objectives and obligations, depending on your country's legislation.

In light of the GDPR, the 1. Opt-out page and 2. Customising personal data history features are mandatory. Please refer to your country's data protection authority to check which cookie management features should be enabled.

Do not hesitate to contact our support centre (via the "Help" button at the bottom right) for any additional guidance on this topic.

 

Opt-out page

 

Objective

Meet your GDPR-related obligations by offering an opt-out mechanism that your users can easily access at any time (see "Your users' preferences" in our practical GDPR guide).

 

Description

Use one of our opt-out solutions for web cookies and/or for managing mobile IDs in the case of mobile apps.

Web:

Mobile apps:


Please note that in the case of 3rd party cookies, you must share the above link with your users  in order to manage opt-outs.

In the case of 1st party cooies and mobile IDs, it's your responsibility to configure associated tagging libraries so that opt-outs function correctly.

 

Impact on your data

Any opted-out traffic is excluded from navigational analyses that can be combined and segmented.
Reports in Explorer will soon feature certain indicators enabling you to measure the number of page views associated with this excluded traffic.

 

> go back to the list of Privacy features

 

Customising personal data history

 

Objective

Meet your GDPR-related obligations by defining the period during which personal data is stored (see "Information for your users" in our practical GDPR guide).

 

Description

Contact our support centre ("Help" button at bottom-right) to discuss the possibility of implementing an automatic purge of personal data on a sliding period that you define (examples: 13, 25, 37 months, ...) for all level 1 sites of a contract.

 

Impact on your data

Implementing such an automatic purge will result in the deletion of data related to the following dimensions...

... namely...:

  • all "detailed" data available by default in Data Query that has not been saved (as it can be combined/segmented by default with the above dimensions)
  • all "detailed" data that can be exported via Custom Export
  • all "aggregated" data or saved data containing at least one of the above dimensions (example: a Data Query template on identified visitors, a Dashboard containing customer IDs, or a Report on identified visitors (text), as well as the linked analyses in Explorer and NX)

 ... for all the sites of a contract.

> go back to the list of Privacy features

 

Anonymising IP addresses

 

Objective

Ensure greater anonymity for your users in terms of geolocation.
Please note that in any case, IP addresses are never available in AT Internet's Analytics Suite.

Anonymising the IP address is not required by the GDPR, but it is mandatory, for example, when processing personal data of citizens residing in Germany.

 

Description

Contact our support centre ("Help" button at bottom-right) to request that the anonymisation option be enabled for the last 3 numbers of the IP address' last full octet (byte).

2018-08-21_10h02_12.png

 

Impact on your data

Potential loss of precision:

  • when geolocating users
  • when detecting bots
  • when detecting "provider (Internet connection)"

 

> go back to the list of Privacy features

 

Non-placement of cookies

 

Objective

Be compliant with national laws requiring consent prior to the placement of cookies.

Please note that in France, AT Internet benefits from an exemption from the CNIL (France's data protection authority), making it possible to place a cookie prior to obtaining user consent (see CNIL exemption below).

 

Description

Use the tagging method disableCookie (= true) when loading the first page of your user's first visit until obtaining his/her consent.

 

Impact on your data

 

> go back to the list of Privacy features

 

CNIL exemption

 

Objective

Ensure compliance with national laws requiring consent prior to the placement of cookies, with the condition that your national authority is line with and accepts the CNIL's statement as defined in the description below.

 

Description

The CNIL (French data protection authority) permits a cookie to be placed before user consent is received if the following measures are taken:

  • Deletion of personal data after 13 sliding months > Action for AT Internet (see Customising personal data history above)
  • Anonymisation of the last byte/octet (last 3 numbers) of the IP address > Action for AT Internet (see Anonymising IP addresses above)
  • No measurements "outside the site" are used (banner impressions, remote video, email opens, iframe, ...) without prior consent > Action for the client
  • Imported 3rd party data is not used in AT Internet's Analytics Suite (AT Connect for import) > Action for the client
  • Limit cookie lifetime to 13 set months > Action for the client for 1st party cookies, and by default for AT Internet's 3rd party cookies
  • Geolocation of users no more granular than city-level > Action for the client for any potential custom usage, by default for AT Internet's geolocation analyses
  • GPS geolocation is not used > Action for the client
  • Make an Opt-Out feature available for web and mobile, as well as an information page which clearly and accessibly explains how cookies are used > Action for the client

Please note that this CNIL exemption regarding the non-placement of cookies before user consent is obtained allows you to avoid the impact related to the non-placement of cookies listed above (loss of traffic sources and loss of statistical data quality).


Contact our support centre ("Help" button at bottom-right) to discuss the possibility of enabling the CNIL Exemption option.

AT Internet can also provide a service to audit all above "Action for the client" points for you.

 

Impact on your data

 

> go back to the list of Privacy features

 

Excluding "non-cookied" traffic

 

Objective

Respect the choice of end users who have expressly refused the placement of cookies.

 

Description

In cases where cookie placement is refused, our solution will, by default, recognise users by associating IP address with their User Agent. This association of information may be considered as a kind of cookie by your national data protection authority, in which case it must be treated in the same way as opt-outs.

Contact our support centre ("Help" button at bottom-right) to request that non-cookied traffic be excluded.

 

Impact on your data

Non-cookied traffic is excluded from navigational analyses that can be combined and segmented.

Reports in Explorer will soon feature certain indicators enabling you to measure the number of page views associated with this excluded traffic.

 

> go back to the list of Privacy features

 

1st party cookies

 

Objective

Offer your users less-intrusive cookie management, as cookies are managed by domain.

 

Description

See how to migrate from 3rd party cookies to 1st party cookies and consult the complete list of cookies we use.

 

Impact on your data

If 3rd party cookies are changed to 1st party cookies, the following metrics will be reset:

  • Reset of new visitors
  • Potential drop in number of unique visitors

 

> go back to the list of Privacy features

 

Hashing mobile user IDs

 

Objective

Ensure better anonymisation of your end users so that the mobile ID you've chosen for your native applications (see for iOS and for Android) is not transparently transmitted.

 

Description

 

Impact on your data

None

 

> go back to the list of Privacy features

Have more questions? Submit a request