All Collections
Pre-Sales FAQ
Personally identifiable information in MetaLocator
Personally identifiable information in MetaLocator

How MetaLocator handles "PII" amid global privacy regulation

Michael Fatica avatar
Written by Michael Fatica
Updated over a week ago

Locators may not appear to include personal or have privacy implications of any kind, however; upon further consideration, personally identifiable information can surface within MetaLocator, and this article discusses where that data can appear and how to manage it.

MetaLocator Data Types

To understand data privacy in MetaLocator, we should first define the various types of data involved.

  1. Customer-Provided Data. This is data uploaded directly from our customers into MetaLocator. This can include, but is not limited to:

    1. A spreadsheet of locations with columns like location name, address, city state, etc.

    2. Uploaded location images or files that may show a store front or profile photo.

    3. PDFs, documents or text files

    4. Technical assets like fonts, CSS or scripts.

  2. MetaLocator-Generated Data. This is information that is generated by MetaLocator which is confidential and proprietary to MetaLocator and our customers, such as:

    1. Analytics Data. This is information regarding the utilization of our customer's implementation of MetaLocator, and can include detailed information regarding approximate user location, browser software, device details, and visitation metrics like total number of users, number of searches. Analytics data can sometimes include eCommerce data as part of our Where to Buy solutions, so figures like revenue, sales and quantities of product sold.

    2. Data Enrichment. This includes optional MetaLocator-provided corrections or enrichment of user or customer provided address data. This includes

      1. Geocoding results including meta-data regarding user searches, such as the latitude/longitude of a user's search, or the city associated with their postal code search.

      2. Address correction results including corrected street address, city, state and other corrections

      3. Email validation data including the validation status of an email address.

    3. Log and Report Data. This includes data quality reports, email validation reports, log files of user activity, account establishment dates, and activity history. MetaLocator logging of our customer's activity includes full audit trail, including IP address, times and locations; however end-user logs are anonymized to avoid storage of full IP addresses and user locations are generalized.

  3. User-Provided Data. This is information created by the end users of this software. The general public users of the locators performing searches, filling out contact forms generally using the software. This includes

    1. Lead Data. MetaLocator allows its customers to create forms which are commonly used to gather information regarding a user inquiry, e.g. a business lead or contact. By default, MetaLocator includes Name, Email and Message on this form, but allows for custom fields which can be labelled and used as required by our customer.

    2. Crowdsourcing Data. For users of our Crowdsourcing plugin, or the Add Form, end users can fill out a form which commonly includes details regarding a location, but again, this form allows for custom fields which can be labelled and used as required by our customer.

    3. Search Data. This overlaps a bit with Analytics Data above, but users can enter keywords and search terms which are then stored in our Analytics system. For users of our SMS and IVR locator products, this can include the phone number used to request a text message of search results.

Data Privacy Protections

In order to protect the information of real persons, we provide protections and services including, but not limited to the following:

  1. We anonymize user IP addresses associated with analytics before permanent storage

  2. We store user location only in aggregate for reporting and reduce it's accuracy.

  3. We add an extra application layer of encryption to lead data for added redundancy.

  4. We provide GDPR-compliant discovery, disclosure and deletion tools.

  5. We provide tools to our customers to integrate with customer-provided privacy compliance tools.

  6. We optionally truncate phone number data captured in our SMS and IVR products.

Data Scope & Type

  1. Customer-Provided Data. MetaLocator customers define the scope of data imported into MetaLocator. MetaLocator customers choose and solely control the nature, type and volume of data imported into MetaLocator.

  2. User-Provided Data. MetaLocator customers define the scope of data that can be collected from end users. MetaLocator customers build and select the fields on the (optional) forms for Lead Capture, Search and Crowdsourcing. Therefore, the scope of data collected from end users and any potential impacts on privacy is under the sole control of our Customer.

  3. MetaLocator-Generated Analytics Data. MetaLocator analytics data captures anonymized details regarding user activity in a manner to dissociate it from real persons. We also provide facilities to allow end user's to opt-out of analytics tracking while relegating control, authority and responsibility over those opt-out mechanisms to our customers.

Data Storage & Transfers

MetaLocator stores data in the United States. We leverage the "standard contractual clauses" in our contracts to define MetaLocator as processor, and our customer as the controller under GDPR, including security practices, encryption, transfer practices etc. The actual details of these can be found in our Enterprise contracts, which are between MetaLocator and our Enterprise customer. GDPR tools, compliance, privacy tools and support thereof are only included in MetaLocator Enterprise contracts.

Data Retention Periods

Our data retention periods vary by the type of data as shown below:

  1. Customer-Provided Data. The contractual customer relationship period, plus 90 days.

  2. User-Provided Data. The contractual customer relationship period, plus 90 days.

  3. MetaLocator-Generated Analytics Data. Up to 3 years within the contractual customer relationship period, plus 90 days.

  4. MetaLocator-Generated Log Data. The contractual customer relationship period, plus 7 years.

  5. MetaLocator-Generated Report Data: The contractual customer relationship period, plus 90 days.

  6. MetaLocator-Generated Enrichment Data:

    1. Geocoding results and address corrections can be retained by MetaLocator indefinitely.

    2. Email validation data is retained for the contractual customer relationship period, plus 90 days.

  7. User-Provided Data

    1. The contractual customer relationship period, plus 90 days.

Deletion Requests

Users and customers may specifically request data deletion by contacting our support team (support@metalocator.com).

Personally Identifiable Information (PII) in MetaLocator

MetaLocator does not collect personally identifiable information unless specificially enabled by our customers as described below:

  1. Our Lead Generation and Form Builder tools allow our customers to create custom forms which may be used to collect personally identifiable information. The form fields can be defined by our customers and could, therefore; be used to collect personally identifiable information.

  2. Our location and product data import facilities include support for custom fields. Customers could theoretically import personal information in that data.

Our Limitation of Liability

MetaLocator does not audit or review the data uploaded by our customers. Nothing in MetaLocator specifically prevents our customers from, for example, creating a Lead Form which asks users for their drivers license number aside from our Terms of Use. Similarly, we can't prevent users from entering medical complaints into a contact form. We also can't prevent our customers from uploading data which could fall under the various and wide-ranging definitions of personally identifiable information and thus we disclaim our liability accordingly in our TOU.

MetaLocator does not audit or review:

  1. The data provided by our Customer

  2. The data provided by Users

We do regulate and reserve certain rights in our Terms of Use to limit egregious oversteps of the law such as pornography, adult services or “hate” groups. Similarly we prohibit the use of highly sensitive personal information like social security numbers, government-issued ID numbers and so forth.

The Customer-Provided Data as described in section 1 above should always be considered publicly available information.

Because we don't, and more importantly can't, audit the forms our customers build and the data uploaded by our customers and users we generally avoid bi-directional liability in our contracts and terms of use since our risk is much greater.

Related Articles
Tracking segmented analytics with MetaLocator
Introduction to MetaLocator Analytics
MetaLocator Teams Guide
Using Google Tag Manager and Universal Google Analytics with MetaLocator
Using GA4 & MetaLocator
Did this answer your question?