...
In these efforts, the following aspects are important to follow strictly in your integration of the Boxalino’s Data Integration Platform, JavaScript Tracker and Narrative API.
What we mean by Sensitive Non-Anonymized Data (SNAD):
Sensitive Non-Anonymized Data (SNAD) are data from which can be derived sensitive personal information about your customers.
...
Customer Account identifier*
Visitor identifier*
Session identifier*
Gender
Year of birth
Zip code
Municipality
State (Canton)
Country
product ratings
user generated content
order data: returned products (fully, partially cancelled or returned)
product data: product margin, price, competitors prices and stock
* only if it is not possible to extract any sensitive information out of the value
Exclude SNAD from Tracker Events
The information sent to the Boxalino JavaScript Tracker should not include any SNAD in the information tracked.
Info |
---|
The JavaScript calls are done directly from the client (browser) of the customer and therefore do provide an IP address. Boxalino uses this IP address in real-time to extract information such as the region, country and weather, but does not keep the IP address in its data after processing it (except in short-term logs files which are rapidly deleted). |
Exclude SNAD from API Requests
The information sent to the Boxalino Narrative API should not include any SNAD in the information tracked with the exception of the IP Address which should be exclusively provided in the request parameter name “User-Host” as documented here.
Info |
---|
Similarly to the JavaScript tracker, Boxalino uses this IP address in real-time to extract information such as the region, country and weather, but does not keep the IP address in its data after processing it (except in short-term logs files which are rapidly deleted). |
Only include SNAD in Data Feeds in specific fields
SNAD should be exported only in specific fields of the doc_user and doc_order data structures.
All the other data structures should not include any SNAD.
doc_user
The root level of doc_user, as well as each entry of the array “contacts” include the data-type CONTACT which includes the following SNAD fields:
...
No SNAD should be provided in any other places in the doc_user data.
doc_order
The doc_order data include SNAD in the following fields (from the root level) , as well as each entry of the array “contacts” include the data-type CONTACT (see SNAD fields of contacts above in doc_user).
...