How Persoo collects data to visitor profiles
Browser is identified by browserID (cookie containing an unique random hash, has certain expiration period). BrowserID is send with each request from web page in browser to Persoo server. Using these requests/events, Persoo builds visitor profile for each browserID in real time on the secure place on Persoo servers.
To understand visitor identifications like login, click through a verified email, or merging browser profiles,… see multi device profiles.
But at the moment, we keep it simple. For simplicity suppose there are only browserID profiles, but data collection settings applies for all profiles.
Profile Data Collection Levels
According to your user privacy policy and their custom privacy settings, you can choose one of the following profile levels for each user. It will influence “browserID” cookie expiration.
- Do Not Track – request to Persoo will be send, but not stored in any visitor profile. As responds to such requests, general offers are returned to the website (i.e. general recommendations like best sellers, trending products, … at maximum you can use segmentation by browser vender, time of the day, etc).
- Session Profile – like above, but requests are used to build visitor profile for current “session” only. Profile will expire 30 minutes after last request. Session profiles are not considered to be deep profiles, thus no need for user consent according to GDPR.
- Permanent Profile (default) – like above, but visitor profile is permanent, does not expire with session. Deep profiles and actions based on them are considered to be personal identifiable data and website owner should get visitor consent for them.
Each user can change his mind and chage profile data collection level. But it has some consequences, i.e. if you switch your browser from “permanent profile” to “do not track” profile, all permanent profile data will be lost (anonymized).
How to set?
Every website uses different place, where it stores visitor cookie consents and custom privacy setting. To make it universal, we rely that you can write the correct data collection level to every page, returned by your server, or at least to put inline javascript into the page, which will read it from cookies.
Persoo snippet has part called “persooConfig”. In this config (which must precede the rest of persoo snippet), add following option persooProfileDataCollectionLevel, i.e.
|
1 2 3 4 5 6 7 8 9 10 11 |
// here you can run your javascript code, to get data collection level, i.e. from cookies persooConfig = { ... persooProfileDataCollectionLevel: "session", // Options are "doNotTrack", "session", "permanent" // Permanent value is the default. ... } // rest of the persoo snippet is here |
Another way to do it is to set cookie with name persooProfileDataCollectionLevel and the chosen value. This cookie is optional, it is not created automatically, but once it exists, it overrides the setting from persooConfig.
If you want to check current data collection level, look at the value of variable persoo.profileDataCollectionLevel in your browser debug console. If you change the value of this variable, it will influence only all future request send from the current page.
“Do Not Track” profile level
Every request send to Persoo server will contain “doNotTrack” field, so server will just respond with general data (recommendations based on general statistics, trends, day time,…) and decisions (targeting based on time, browser vendor, campaign parameters) and will not create visitor profile.
BrowserID cookie is set at session level, because it improves the perfomance a lot.
“Session profile” level
BrowserID cookie is set at session level. As the session cookie expires, its value is forgotten. On next session, new BrowserID will be generated.
Since BrowserID is random hash and there is no way how to identify the same browser again. From user perspective, the profile was forgotten. From your perspective, the profile still exists on the server, but is anonimized for statistical and web analytics purposes.
Data are reported regularly to Persoo server, without any flag, because profile will expire (disconnect from browser) with cookie expiration.
“Permanent profile” level
This is default Persoo operation mode.
BrowserID cookie is set at permanent level (by default for 2 years with refreshing expiration during each session). You can set the exact cookie expiration time in seconds by parameter persooProfileDataCollectionMaxAge in persooConfig. This option is considered only for permanent profile data collection level.
persooConfig = { ... persooProfileDataCollectionMaxAge: 2*365*24*3600, ...}
Data are reported regularly to Persoo server, without any flag.