
How We Gather and Use Data

SoloSegment collects information for several purposes:

  1. To allow our website, solosegment.com, to work we gather cookie data. You can find more information about what cookies we capture, how we use the information and how you can control this information in our privacy policy (http://solosegment.com/privacy-policy/).
  2. During the ordering process, we gather information about you so that we can process your order. This information is stored in our fulfillment system. If you use a credit card, we share the minimum amount of information that allows our processor partner to process the transaction. We do not share any other information about the transaction with any other organization or person. If you are a client and want us to update or cancel your subscription based upon the terms of service or your specific contract, you can contact sales@solosegment.com.
  3. To enable our marketing programs, including email marketing, we use MailChimp (mailchimp.com) as our content marketing provider. We collect only the information required to enable our content marketing efforts and only gather personal information — things like your name and your email address — that you tell us and that you confirm via a confirmation email. This is called “double opt-in” and ensures that we only use what you decide to share with us. You can update your preferences by clicking the link in any email you receive from us or by going to our sign-up form, reentering your information, and then following the instructions. Our sign-up form is located at http://eepurl.com/c4bcMX
  4. In order for clients to use our dashboards, clients must log in at https://client.solosegment.com. We utilize information provided to us by the client, including email addresses, to enable the log-in for their employees. We set cookies and collect other information that is strictly necessary for the functioning of the client dashboards. If you are a client or the employee of a client and want us to update or cancel your log-in, you can contact sales@solosegment.com.
  5. To gather data for our analytics product, Site Search Inspector, and related analytics and automation products we gather data about visitors to the websites of our clients. Our clients place a SoloSegment JavaScript on their website. This JavaScript gathers information about each visitor’s interaction with the website. That information is sent to SoloSegment where we aggregate and process the information. SoloSegment does not need personal information about those visitors in order to create the analytics. SoloSegment does not gather personal information and our terms of service prohibit our clients from sending us that data. While we do not collect personal information (e.g. your name or email address), there is some information that we capture that could be tied back to a person. For example, we set cookies and collect IP addresses. We take a Privacy by Design approach so that even though we could tie back some of this information to a person, we change the data (it is anonymized) so that we can’t. More information about what we do to anonymize the data is in the Privacy by Design section below.

Privacy by Design

The goal of Privacy by Design is to only process and store data that cannot be tied back to a person. To achieve this goal we anonymize any data that could be used to tie back to a person and discard the non-anonymized data. This transformation occurs at the edge of our infrastructure.

Data Anonymization

In order for the modern internet to work, there are two pieces of data that must be captured when you visit a website — your IP address and an assigned cookie value. Google can tell you why IP addresses and cookies are necessary. There are technologies available that can use one or both of those pieces of information to identify a person. That’s why advertisements for products you’re interested in seem to follow you around the internet. SoloSegment does not use those technologies. More importantly, SoloSegment does not need to be able to tie back to a person in order for our technology to deliver value for our clients. Therefore, SoloSegment’s goal is to basically “forget” that data immediately so that we don’t store and cannot use any information that could be tied back to a person. How do we do this?

We use data anonymization methods to immediately break the link between the data we originally capture — data that could be tied back to a person — and the data we process and store. Let’s look at the two pieces of information.

Cookies

When you visit a client’s website and you authorize that client to set cookies, usually through an opt-in but sometimes through an opt-out selection, we set a cookie for tracking purposes during your session on that website. That allows us to “sessionize” your visit so that we know when you perform a search whether or not you’re successful. We also know what pages you look at both before and after that search as well as some information about your interaction with those pages (e.g. what links did you click on, etc.).

Now we don’t really know about “your” session. We know about a session that has a cookie value that is the same as the cookie value stored on your computer. However, that value is unique to your computer and therefore is essentially unique to you (or whoever you let use your computer). We don’t need to know that it’s you so we take measures to change that cookie value (we call that anonymization) so that there’s no way for us to track back that cookie value to the one on your computer. If you want to know more about how we do this, scroll down to The Technical Stuff.

IP Addresses

When we receive data from our clients it includes both cookie values and the IP address of the computer that is interacting with the client’s website. We don’t need the IP address in order to do what we do for our clients. So, we strip out IP addresses from our data before it is processed and stored.

That may seem like the end of the IP address story. However, it’s not that simple.

Because an IP address identifies a computer, it is important information to know when doing forensics on a security incident. While all companies are concerned about their security posture, we do business with financial institutions and other large enterprise companies who are especially concerned about security. In order to support our internal audits and the audits of our clients, we do retain IP addresses for 30 days. When the IP address is stripped out of our data we store those IP addresses in a separate encrypted file. This data is automatically deleted on a rolling 30-day basis and our management system verifies those deletions on a regular basis.

If you want to know more about how we do this, scroll down to The Technical Stuff.

The Technical Stuff

For those of you who wish a more technical variant of the anonymization story, here you go.

The objective of this process is: 1) to immediately anonymize the cookie value so it can’t be tied back to a cookie value on the visitor’s machine and 2) to replace the original IP address with a placeholder (1.1.1.1) and then store that original IP address in a separate, encrypted file that is only available for security audit purposes. An automated process deletes IP address data on a rolling, 30-day basis. The automated process is supported by periodic manual verifications.

Here’s how it works:

  1. Log entries (visitor data from our client’s websites) arrive at SoloSegment’s servers. This is referred to as the “Arrival Log”.
  2. In memory, several things happen:
    1. The cookie value is hashed using an industry standard cryptographic hash algorithm that creates a one-way hash of the original cookie value. The hashed cookie cannot be reversed to the original cookie value.
    2. The original IP address is replaced with the value 1.1.1.1.
    3. The new log entry, with the hashed cookie value and replacement IP address, is written to the “Production Log”.
    4. The original IP is written to an encrypted Security and Audit Log.
    5. A verification process runs to ensure that both log entries have been correctly created.
    6. All data in the “Arrival Log” and any value stored in memory are purged.
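
The steps above, sketched as an added example (not SoloSegment's own code): SHA-256 stands in for the unnamed hash algorithm, plain Python lists stand in for the three logs, and encryption of the audit log is assumed to happen in the real storage layer. All function and field names are hypothetical.

```python
import hashlib
from datetime import datetime, timedelta, timezone

PLACEHOLDER_IP = "1.1.1.1"        # replacement value given on the page
RETENTION = timedelta(days=30)    # audit-log retention given on the page

# Constructed sample entry (documentation-range IP, made-up cookie).
SAMPLE_ARRIVAL = [{"cookie": "c-7f3a9e", "ip": "203.0.113.7", "url": "/search?q=pricing"}]

def hash_cookie(cookie: str) -> str:
    # Assumption: SHA-256; the page names no specific algorithm.
    return hashlib.sha256(cookie.encode("utf-8")).hexdigest()

def verify(entry: dict, production: dict, audit: dict) -> bool:
    """Step 5: both records are correct and no raw identifier reached production."""
    leaked = any(v in (entry["cookie"], entry["ip"])
                 for k, v in production.items() if k != "ip")
    return (not leaked and production["ip"] == PLACEHOLDER_IP
            and production["cookie"] == hash_cookie(entry["cookie"])
            and audit["ip"] == entry["ip"])

def process(arrival_log: list, production_log: list, audit_log: list, now: datetime) -> int:
    """Steps 1-6 for every entry waiting in the arrival log."""
    handled = 0
    while arrival_log:
        entry = arrival_log.pop(0)                      # step 6: leaves the arrival log
        production = dict(entry, cookie=hash_cookie(entry["cookie"]), ip=PLACEHOLDER_IP)
        audit = {"ip": entry["ip"], "received_at": now}
        production_log.append(production)               # step 3
        audit_log.append(audit)                         # step 4 (real sink assumed encrypted)
        if not verify(entry, production, audit):
            production_log.pop()
            audit_log.pop()
            raise ValueError("anonymization check failed")
        handled += 1
    return handled

def purge_expired(audit_log: list, now: datetime) -> int:
    """Rolling 30-day deletion; returns how many audit records were removed."""
    keep = [r for r in audit_log if now - r["received_at"] < RETENTION]
    removed = len(audit_log) - len(keep)
    audit_log[:] = keep
    return removed

if __name__ == "__main__":
    prod, audit = [], []
    start = datetime(2024, 1, 1, tzinfo=timezone.utc)
    process(list(SAMPLE_ARRIVAL), prod, audit, start)
    print(prod, purge_expired(audit, start + RETENTION))
```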