Trackier servers are used to transmit and store visitor information from the tests running on your websites. However, by default, Trackier identifies and anonymizes any Personally Identifiable Information (PII) or sensitive data of users before storing the data on its servers. PII includes passwords, social security numbers, phone, card information, and other details.
For deleted or expired accounts, the data is deleted within 45 to 90 days from the date of expiry. For priority cases, you can write to Trackier support, requesting immediate deletion of accounts or specific user data. Trackier may retain PII only as required and permissible by applicable laws, and for such period by applicable laws.
Location Information – For accounts that are using the reports segmentation option, the location information helps filter users, based on their geographical location or region. You can customize what level of location information you want to track.
IP Addresses – By default, the last octet of any IP address is anonymized before storing it on Trackier servers. You can select different formats of anonymization formats to store the IP information. To learn how to change the anonymization option for an IP address, click here.
Cookies – Visitor UUID and cookies information is used to identify variation accessed. The visitor journey is pseudonymized by using a one-way hashed value.
Custom Dimensions – As a policy, Trackier does not recommend sharing any personal information with Trackier. However, in situations where it becomes mandatory to share such data, we recommend the use of salt with a minimum hashing requirement of SHA256, with at least 8 characters. To learn about using custom dimensions in Trackier, click here.
Email Addresses – If you have campaign surveys running where email addresses are collected, Trackier encrypts all survey responses by default.
Deletion/Disposal Policy
Trackier has established policies and procedures for the disposal of electronic and physical media containing PII, sensitive, and confidential information which ensure data security of its servers. We recognize that media containing PII may be accessed and reused if safety precautions are not taken to protect the data.
PII Data Deletion
Destruction/disposal of PII data and information media is done in accordance with Federal Data Protection laws and regulations and pursuant to Trackier data retention policy/schedule.
If any media is being reused, all PII and confidential data is rendered inaccessible, cleaned, or scrubbed. All media is formatted to restrict future access.
Trackier external services and third-party vendors, upon termination of the contract, will return or destroy/dispose of all PII, sensitive, and confidential data. In cases where the return or destruction/disposal is not feasible, the contract limits the use and disclosure of the information to the purposes that prevent its return or destruction/disposal.
Any disposed media containing PII and confidential data is disposed of, making sure that the data cannot be readily recovered or reconstructed.
The methods of destruction, disposal, and reuse are reassessed periodically, based on current technology, accepted practices, and availability of timely and cost-effective destruction, disposal, and reuse technologies.
Trackier sanitizes all electronic media to “clear” or “purge” PII, sensitive, and confidential information stored in accordance with NIST Special publication guidelines. If the media cannot be “cleared” or “purged”, then it must be “destroyed.”
Disposal of Media with PII
Media containing PII, and the sensitive and confidential information is stored and disposed of in a safe and secure environment.
Devices containing PII, and sensitive and confidential information are physically destroyed, and the information is destroyed, deleted, or overwritten by using techniques to make the original information non-retrievable.
All unusable hard disk drivers shall be erased securely by using a degausser.
A record of all media disposed of and the relevant authorisation forms for such disposal is maintained for record and audit purposes.