Privacy and Security

Contentsquare collects statistical audience data to enable its customers to improve the user experience of their sites. The following privacy and security policies specifies Contentsquare’s privacy and security practices in respect to the data and information it receives from website owners.

1) Conformity with international standards

All Contentsquare’s clients are provided a link ( to publish on their website allowing visitors to exclude themselves from being recorded by the software.
Collected data are not matched with other data sources.
Contentsquare does not use any “third party” cookies; internet users cannot be tracked over different websites.
Contentsquare retrieves the IP only to compute geolocation (no more precise than the city). The IP is not stored on Contentsquare’s servers.

In addition to those measures, Contentsquare has a Data Protection Officer whose duty is to ensure that individuals’ rights are respected during the processing of personal data.

2) Contentsquare Cookies

Contentsquare uses two first-party cookies (i.e. placed on the client domain).
_cs_id provide a way to anonymously recognize a returning visitor. Its lasts no more than 13 months.
_cs_s is a session cookie which is placed at the beginning of each visit and expires 30 minutes after the last pageview of the visit.
Contentsquare does not use any “third party” cookies enabling an internet-user to be tracked over different websites.

3) Use of IP address

Contentsquare retrieves the IP only to compute geolocation (no more precise than the city). The IP is then anonymized and is never stored on Contentsquare servers or anywhere else. Contentsquare anonymizes the address as soon as technically feasible at the earliest possible stage of the collection network.  The IP anonymization sets the two last bytes of user IP addresses to zeros (ie: 127.0.x.x)

4) List of data collected

The exhaustive list of collected data is available below:

Data Use Exemple
User Agent Detection of browser and device Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5)
IP Address Geolocalization of internet-users 127.0.x.x
URL Statistics on page inquiries and clickstream
Screen resolution Filtering of reporting data by resolution 1600×900
Referer Detecting source of traffic
Clicks Statistics on page elements / Reproduction of user sessions & heat maps {target: “div#zone”, t: 1500}
Position of mouse Reproduction of user sessions & heatmaps {x:200, y 800, t: 1500}
IP Address Geolocalization of internet-users 127.0.x.x
Hovers Statistics on page elements {target: “div#zone”, t: 1500}
Scroll Heatmaps {top: “0px”, left: “50px”, t: 1500}
Focus Reproduction of user sessions {target: “div#zone”, t: 1500}
Blur Reproduction of user sessions {target: “div#zone”, t: 1500}
Submit Reproduction of user sessions
HTML page content Reproduction of user sessions & heatmaps. Collected only on 1% of sessions.

Ordering data (if e-commerce tracking enabled):

Data Use Exemple
Transaction ID E-commerce statistics 1234
Total E-commerce statistics 11.99
Amount of taxes E-commerce statistics 1.29
Amount of delivery E-commerce statistics 5
Product total E-commerce statistics 11.99
Product ID E-commerce statistics 1234
Product name E-commerce statistics Green shoes
Product category E-commerce statistics 1
Scroll E-commerce statistics shoes

5) Personally Identifiable Information

In addition to other privacy policies, Contentsquare prevents the collection of any personally identifiable information via several tools, including:

  • Blocking client-side keystrokes collection: By default, Contentsquare does not collect or store any keystroke
  • Excluded Zones: Customers may also tag sensitive data in the HTML with HTML comments, to ensure that any personally identifable information in data is removed by the Contentsquare parser before being sent to Contentsquare’s servers.

6) Use of Google data

Why are we requesting Google user data?

Contentsquare allows you to import segment you defined in Google Analytics within Contentsquare platform. The only purpose is to combine Google segmentation criteria on Contentsquare collected data.

What data are we requesting?

We ask for 3 permissions when you authenticate through Google:

  • Analytics read and edit: this will allows us to get Google Analytics segments and create report in order to import Google data in Contentsquare platform.
  • Drive read: once report is generated on Google side, we need to download it from Google Drive
  • Cloud storage read: once report is generated on Google side, we need to download it from Cloud Storage. In some cases, report is provided through Cloud Storage instead of Drive.

With these 3 permissions, we build a report from Google Analytics, on a specific segment, asking for specific Contentsquare values that have been sent upfront, when a visitor browsed your website. Report is then built, downloaded, parsed and Google segment can be used to group Contentsquare sessions.