10 THINGS TO KNOW ABOUT
CONTENTSQUARE’S DATA PROCESSING
- WE COLLECT LIMITED PERSONAL DATA AND TECHNICAL DATA. By default, the Contentsquare solution collects from visitors of its customers’ website/apps, the following:
- Personal Data. IP addresses (website only); Online Unique ID; Behavioral Data (e.g. how visitors interacted with the website or app, mouse or touch movements, scrolls, mouse clicks, screen taps or zoom data, time of engagement, etc.); and, only to the minimum extent necessary, additional types of personal data as may be specifically requested by the customer or incorporated as part of a specific ordered service; and
- Technical Data. Which may include pages of a website or app visited, type of computer operation system, type of web browser, JS error, other backend technical data, etc.
- IP ADDRESS USAGE AND RETENTION (website only). IP address is stored in Contentsquare system for a short period of time (no longer than 3 days)*. Following such period, IP address is deleted. We use IP address only for:
- GEO location up to the city level by using an external repository matching the IP address and the city ;
- Blacklist any unwanted IP addresses (per request by the customer);
- Log for system troubleshooting purposes. *Upon request, Contentsquare can provide an IP-less solution which will prevent the processing of the visitor IP address.
- COOKIES. The Contentsquare solution is designed to use 1st party cookies, with expiration of no more than 13 months. See current list of cookies used by the Contentsquare solution at: https://docs.contentsquare.com/uxa-en/#cookies-list. Our Cookieless solution, if enabled by the customer, replaces cookie technology with SessionStorage technology (which expires at the end of the session). For more information, see https://contentsquare.com/privacy-center/audience-measurement-exemption/. For our CS for Apps solution, Online Unique ID is collected and used in customer’s native apps only and stored on device no more than 13 months.
- DATA RETENTION. Personal data is kept for up to 13 months, available for customer’s use in accordance with the applicable data availability term purchased by the customer under the Order Form. Personal data can be deleted at any time per customer request.
- SUBPROCESSORS AND DATA TRANSFER. As an essential part of our services we use sub-processors that will have access to the data collected. See current list of sub-processors at: https://contentsquare.com/privacy-center/subprocessors/. Location of data storage is determined by the customer’s location - meaning that our EU customer's data is stored in the EU and our US customer's data is stored in the US. Our customer's data may also be accessed from locations outside such storage space by our subprocessors in order to provide the services.
- PROCESSING. Contentsquare processes personal data solely as agreed under the applicable agreement with the customer. Customers’ personal data is not used for any other purpose without the customer’s consent. Contentsquare do not sell customers personal data. Contentsquare does not track visitors outside of its customers’ websites/apps.
- PSEUDONYMIZATION. As Contentsquare keeps the Online Unique ID during the processing activities, the personal data is not deemed anonymized but may be deemed as PSEUDONYMIZED.
- DATA SUBJECT REQUESTS. We allow our customers and provide assistance in their efforts, to comply and respond to any Data Subject Requests (DSR) relating to the personal data processed by the Contentsquare solution, such as access and deletion of personal data. See out Data Subject Request Portal at: https://contentsquare.com/privacy-center/data-subject-request-portal/.
- DATA MINIMIZATION. The Contentsquare solution collects only the minimum amount of personal data required to provide our customers with the ordered services. To such end, we provide our customers with tools and abilities to identify and block any unnecessary personal data from being transferred to Contentsquare.
- DATA PURGE. Contentsquare has implemented tools and internal processes, managed and lead 24/7 by Contentsquare’s dedicated and trained support team, for the purpose of handling any privacy related events, and the timely provision of internal and external notifications and the purge of any excess personal data from our system, as needed.
Contentsquare employs, as part of its Privacy and Compliance team, dedicated certified privacy experts monitoring changes in privacy regulations on an on-going basis, assessing Contentsquare’s compliance with such changes and updating any and all that needs to be updated, in order for Contentsquare to maintain its compliance with all applicable laws. For additional information, clarifications and updates please do not hesitate to contact [email protected], or refer to our privacy page and policies at https://contentsquare.com/privacy-center/.