Data privacy on websites is essential to protect users’ personal information from unauthorisedt access and misuse. When websites collect data, safeguarding it ensures users’ trust and prevents potential harm, such as identity theft or fraud.
This knowledge base article explains what data is collected by PersonalizeWP and how that data is stored and used. If you have any additional questions, please feel free to contact us.
Collecting visitor data
The Pro version of PersonalizeWP collects data about visitors as they browse your website..This is done via a tracking script that is automatically added to your site when the plugin is activated.
The tracking script creates a unique browser ID for every visitor and stores this in the local storage of the user’s browser. Each time they take an action on the site, we check for the presence of this ID.
When actions are taken, we send data to your WordPress Admin via a secure REST API endpoint. This data includes the unique browser ID and details of the action they have taken (i.e. visiting a URL, submitting a form or purchasing a product).
We store this information in a Visitor Profile, so we can build up a picture of what a user has done on the site. We also use this information to determine if the profile should be associated with a segment, or if a score should be applied to their profile.
All profiles start out as anonymous until information is provided by the visitor.
Where is the data stored?
This data the plugin collects is added to your own site database and is not sent to any other service.
Do you store PII data?
PersonalizeWP provides site owners with the ability to map information provided in forms or provided as part of a purchase to their Visitor Profile. This changes the profile from an anonymous user into a known user.
Data mapping is handled automatically for purchases made via WooCommerce. The data mapped is no different to the data already held by the store.
Data mapping via forms is determined by the site owner and is a manual process to decide which fields to map to the Visitor Profile.
What data is stored?
A Visitor Profile consists of the following basic information that is stored for each visitor:
- Unique Browser ID
- First Seen – date/timestamp
- Last Seen – date/timestamp
Data may then be additional mapped to the following fields:
- First Name
- Last Name
- Phone Number
- Street Address
- Address Line 2
- City
- State / Province / Region
- Zip / Postal Code
- Country
- Website
- WordPress User ID
- WordPress User Role
- Marketing Consent
- Privacy Policy
We track the following activities by visitors to the site, with a date/time of the activity:
- Page Visit (including URL)
- Form Submission (including form completed)
- Product Purchase (including product purchased)
- User Login
Additionally on each activity we store the browser referrer if set, and the IP address that made the request.
How is the data secured?
The data is stored in the site database, and therefore the security of the data is dependent on where the database is hosted and who has access to it.
Turning on anonymous data collection
PersonalizeWP offers a setting to anonymise data collection. When enabled, this setting ensures that while user activity is tracked for segmentation and lead scoring purposes, personal identity remains concealed.
This feature can be found in Settings > Privacy. The feature does not work retrospectively, and therefore only data collected after it is enabled is anonymised.
Setting the Activity Data Retention Period
PersonalizeWP offers a setting to determine the activity data retention period. Activity entries older than the selected period will be permanently deleted from the database.
The setting offers the following options:
- 1 Day
- 1 Week
- 1 Month
- 3 Months
- 6 Months
- 1 Year
- Forever
This feature can be found in Settings > Privacy.
