Personal Data capture and processing

Customers (“Customer(s)”, “you,” or “your”), as app developers and/or publishers, shall ensure compliance with applicable data privacy laws and regulatory guidelines while using Contentsquare SDK for your app.

This section explains the data processing involved in the use of Contentsquare SDK and provides information to help you comply with data protection laws, including the GDPR, e-privacy directive, and the French Data Protection authority (CNIL) guidelines on mobile applications ↗. This section is for informational purposes only and is not legal advice. If you are not sure of how to comply with data protection laws that apply to you, refer to legal counsel.

To learn about Contentsquare privacy practices, see our Privacy Center ↗ and Privacy Policy ↗.

The CSQ SDK is designed to collect personal data from end-users interacting with your app, for analyzing end-user’s multi-session journeys across your app, and other branded experiences to improve end-user’s conversion and retention.

By default, the CSQ SDK processes the following categories of personal data to achieve the purpose set out above:

• Online identifier: Contentsquare User ID
• Interaction data, such as how an end-user has interacted with the app, view page, click, submit, change; time of engagement
• Technical data, such as pages of an app an end-user visited, end-user’s type of computer operating system, end-user’s type of web browser, other backend technical data

Additional types of personal data may be processed (e.g. username, email address, customer ID, account number), depending on your configuration of the SDK and the applicable order form you signed with Contentsquare.

By default, personal data is kept for 37 months, or more if Customer purchases additional data history amount and/or Connect feature. Personal data collected via Connect feature is kept for the duration of the agreement with Customer.

End-users personal data is stored in Europe or in the US, depending on your configuration. For more details on applicable hosting locations, please refer to our subprocessors list, available here ↗.

When using autocapture, the CSQ SDK collects target text information about the element the end-user interacted with, as well as text data from UI elements further up in an element’s ancestry. However, some of these elements might contain end-user’s personal data, including sensitive data, that needs to be excluded from data capture.

There are three options for hiding sensitive data:

• Disabling text capture
• Per-view text masking
• Ignoring interactions for specific views

You have the option to disable text capture for all events that are automatically captured. To do this, use the CSQ.maskTexts() API.

CSQ.maskTexts(true)

CSQ.start(this)

CSQ.maskTexts(true);

CSQ.start(this);

If you don’t want to disable all text capture for your app, you can take a more targeted approach of only masking text for specific views in your app that you know might contain sensitive data. When text is masked for a view, it will still have target text, but the actual text will be replaced with ****.

View.csqMaskContents(true)

CSQ.mask(View);

If you find that certain interactions are prone to capturing sensitive data, or that a certain interaction might indicate sensitive information about a user during analysis, you have the option of ignoring all interactions on a per-view basis.

View.csqIgnoreInteractions(true)

CSQ.ignoreInteractions(View);