To protect the privacy of website visitors, the ShinyStat’s Term of Service specify that it is not allowed to send personal data, even pseudoanonyms, to ShinyStat™ collection systems.
Personal information includes, but not limited to, name, email address, postal address, personal telephone number, fiscal code, exact location (for example, via GPS), etc.
If in doubt about the type of data classified as personal information, we suggest you confront your privacy and/ Data Protection Officer consultants.
Before installing ShinyStat, we suggest following the instructions and best practices below:
Avoid User IDs containing personal information
It isn’t possible to use identifiers containing identifiable personal information (PII), such as e-mail addresses, telephone numbers or any data considered "PII".
It is therefore necessary to pass to ShinyStat encrypted identifiers, according to an adequate level of encryption, for which the use of a minimum of 8 characters is recommended.
Note: ShinyStat has a minimum hashing requirement of SHA256.
Avoid URLs containing personal information
The ShinyStat tag collects the page URL of each page viewed.
It may happen that, through these URLs, personal information is inadvertently sent.
To avoid sending personal information, we suggest that neither the path nor the URL parameters contain any personal information. Both URLs or URL parameters must be free of personal information.
It is possible to change the URL, before it gets sent to ShinyStat, using the "PAG=" parameter.
For further information: Advanced Code - Option: Rename page (assign a name to your pages)
There are different solutions to avoid sending personal information via URL:
Remove personal information entered by visitors
Users and visitors may enter personal information in the SEARCH field or in any FORM present on the site.
Personal information entered by visitors must be removed before it is sent to ShinyStat.
Configure the ShinyStat Features paying attention to privacy risks
In order to protect the privacy of site users and visitors, we also recommend paying attention to the way in which the various features offered by ShinyStat are configured, (such as campaigns, conversions, external links, channels, video, pages and the like), which must be configured in order to avoid sending any personal information, such as name, fiscal code, email address, unique identifier of devices, etc.
Geolocation
If the site collects geolocation information, make sure that this information is not based on GPS data and/or does not include detailed location information.
Please consider that sometimes even a postal code may indicate a specific residence.
Avoid sending similar data to ShinyStat collection systems.