On May 25, 2018, a new data privacy law called the General Data Protection Regulation(GDPR) came into force, impacting how businesses collect and process data from individuals in the EU. In preparation for the GDPR, MetaLocator updated its policies, practices and tools in accordance with these new regulations. The provisions of the GDPR apply to any entity that processes personal data of individuals in the European Union (EU), including tracking their online activities, regardless of whether the entity has a physical presence in the EU.
The US followed suit by introducing state-level legislation in many ways modelled by the GDPR, including the CCPA, PCDPA and more.
Our top priority is ensuring that our end-users and customers can use MetaLocator in a privacy-regulation-compliant manner and the data they collect with MetaLocator is processed securely. Ultimately, your business is responsible for its own compliance. Each individual organization needs to evaluate its data practices against the new regulations and ensure compliance.
Privacy Controls & Features
Any user of our software can make a data inquiry via this form. Upon legitimate request, we will delete, transfer, stop processing or edit contact information for any user in our systems.
Customers can enable automatic truncation of phone numbers received in our Send to Phone features. See "Anonymize User Phone Number?" setting under the Contact Form settings.
Opt-out preferences established by your Web site can be passed into MetaLocator via the _opt_out URL parameter. This allows MetaLocator to disable analytics tracking silently based on a preference set by the visitor elsewhere on your Website.
End users can now opt-out of tracking entirely by MetaLocator. The form presented here places a cookie on the end users' computer which disables our analytics and tracking systems for that user.
Customers can enable an opt-in control as shown below. This disables our Analytics system and user tracking until the user clicks continue. This option can be found under Analytics Settings, then Request Consent Before Tracking?
Policies & Practices
As part of our preparation for the GDPR, we also have provided public documentation on the cookies we use.
Many of our internal security and privacy-related procedures have been updated. Feel free to contact us for written copies of those documents.
Existing Privacy-Related Policies & Practices
Privacy is not a new issue and has been important to our company since day one. The following items have always been a part of MetaLocator's core offering:
We respect the DoNotTrack header.
Powerful change, delete, export and search capability to manage personal data via the control panel.
We anonymize all IP addresses before storage
Our analytics package can export all data regarding a particular user
Security and Privacy By Design is central to our operating philosophy and documented practice.
All Customer data is encrypted at rest and in transit as part of our SOC2 Compliance.
We reject and prohibit MetaLocator's use for tracking "highly sensitive" data including government issued ID numbers, credit card data and similar content.
Our standard Data Retention Period for analytics log data is 3 years. Aggregate statistics are retained indefinitely. Analytics log data is anonymized by removing the last 3 digits of the visitor IP address.
Data Retention Periods
See this article on our data retention periods