Technical Docs
Integration Docs
Privacy Considerations

Privacy Considerations

When using our tracking code, you may need to be aware of privacy considerations surrounding Parse.ly's data collection approach.

By default, Parse.ly collects standard web browser information about a reader, the uses of which are described below:

  • ip_address: IP address of the user; used for bot detection and geographic segments
  • user_agent: Identifier for the user's device; used for device analytics (mobile vs desktop)
  • first_party_uuid: Site-specific identifier (UUID) for user; used in loyalty analytics (new vs returning)

To comply with Personally Identifiable Information (PII) restrictions in certain geographic regions, as well as the privacy policies of individual publishers, Parse.ly can selectively disable the tracking of ip_address. An example implementation is here.

Parse.ly has also exposed the ability to disable the tracking of ip_address on a per-visitor basis when using our standard javascript tracker. This can be especially useful with maintaining GDPR compliance.

#What does disabling ip address tracking mean?

When you disable ip_address tracking for a specific site, Site ID, or visitor we perform a hashing algorithm on the original ip address that removes any PII while maintaining enough information to perform reasonably accurate geographic segmentation.

#Is the first_party_uuid a form of PII?

No. The way we generate the first_party_uuid for web browsers uses server-side crytographic randomness. In the case of our mobile SDKs, we generate the first_party_uuid within the app itself, leveraging Java and ObjC/Swift APIs. The UUID is a unique identifier that can only be used to analyze single-domain or single-app user sessions.

Parse.ly does not link the first_party_uuid with any personal information about the web visitor; from Parse.ly's standpoint, each UUID is an anonymous content-viewing device or user.

Our terms of use prevent customers from overriding the first_party_uuid field with any PII data. We state in our terms of use:

Customer will not: (a) provide, or cause to be provided, any PII to Parse.ly; or (b) configure or otherwise cause any cookie, pixel tag, or other code to capture or transmit any PII to Parse.ly.

#Effect of disabling ip_address

Disabling ip_address prevents bot detection and blocking actions Parse.ly may take, but may lead to better compliance with strict privacy policies that consider IP addresses to be PII.

Disabling ip_address may make our geographic segmentation feature slightly less accurate. Geographic segmentation is most often used with our audience segmentation feature.

To disable ip_address, contact us at support@parsely.com.

#How and where is visitor data securely stored?

Parse.ly uses a stateless distributed DNS and CDN infrastructure, which is spread across several geographic regions for redundancy and performance.

Data is immediately processed in a distributed infrastructure located in several data centers in the United States (located in the states of Virginia and Oregon), where it is archived and stored long-term.

All data is stored on secure Linux servers, which are regularly patched and upgraded. These servers are behind a virtual private cloud networking setup. Because we rely on public cloud infrastructure, physical security of our data centers are handled by Amazon Web Services, who has public documentation on cloud security, as well as ISO 27001 compliance for their infrastructure.

Data is also backed up to a cloud distributed data store with 99.999999999% durability, and is only accessible by authorized systems using secure keys. This distributed data store is spread across several data centers clustered geographically in the state of Virginia in the United States.

#Do you have a public privacy policy?

Yes. Parse.ly publishes its privacy policy here. Some discussion of our data storage is also included in our product terms of use.

#How is data aggregated and anonymized?

Parse.ly aggregates and anonymizes customer data for the purpose of studying web-wide attention data. For example, aggregated and anonymized data is used for our data studies which are published to inform media industry trends for customers and the press.

#How does Parse.ly handle EU-US Privacy Shield?

We are Privacy Shield certified; our certification page is here. The principles for EU-US Privacy Shield are covered here. Our public privacy policy discusses these points throughout.

#How does Parse.ly handle GDPR?

The General Data Protection Regulation (aka GDPR) is a data regulation designed by the EU to safeguard the rights of consumers in the European Union, increasing the requirements for data security and privacy beyond the Data Protection Directive, which is the current EU regulation governing the right of consumer privacy.

More information on Parse.ly and GDPR can be found here.

#How does Parse.ly handle CCPA?

The California Consumer Privacy Act, or CCPA, is a data regulation enacted in 2020 by the US state of California to safeguard the rights of California residents.

More information on Parse.ly and CCPA can be found here.

#Example implementation of disabling PII tracking per visitor

To disable PII tracking on a per visitor basis you should define a PARSELY object with an onload function prior to the code for the default implementation. The onload function should call PARSELY.setConfigOptions and pass it an object with the keys and values you'd like to overwrite for this visitor. Currently, the only valid key is track_ip_addresses. The only valid values are true or false.

Use of the setConfigOptions function requires autotrack: false per the dynamic tracking documentation.

<script type="application/javascript">
function shouldTrackPII () {
    // returns true if we should track PII for this visitor
};

window.PARSELY = window.PARSELY || {
    autotrack: false,
    onload: function () {
        PARSELY.setConfigOptions({
            track_ip_addresses: shouldTrackPII()
        });
        PARSELY.beacon.trackPageView({
            url: location.href,
            urlref: document.referrer,
            js: 1
        });
    }
};
</script>
<!-- Normal Parse.ly integration code goes here -->
rocket emoji