The General Data Protection Regulation (GDPR) took effect May 25, 2018. This policy obliges you as a company to provide your users with the data stored about them on request.

GDPR primarily regulates the control of personal data of citizens within the European Union and Economic Area. Among other things, users have the right to request a copy of their personal data collected by the data controller (for example, companies that collect this data for further processing). This data must then be provided to the user in a standard electronic format. It also regulates the "right to be forgotten" which means that the end-user may require companies, for example, to delete all personal data collected about him, or to stop any further dissemination or processing of this data by third parties.

Mapp's Data Privacy Compliance Manager enables you to meet these legal requirements: Easily retrieve your customers' information and export data that is filtered for a single user in an electronic format. This documentation explains the technical prerequisites for the use of Data Privacy Compliance Manager and how you can retrieve or delete user information.


Technical Requirements

To export user data from the Data Privacy Compliance Manager, the following IDs are required:

ID TypeID InformationTypeData Collected by
EIDUser EID (cookie ID or DEID)online

The EID is collected via the Mapp Intelligence cookie ID disclosure plugin.

Since the Mapp Intelligence cookie ID disclosure plugin is not available for mobile apps, it is the responsibility of the app developer to give the end-user access to the EIDs. To facilitate this, the Mapp SDKs offer functions that allow the developer to expose the EIDs.

Android: String eid = webtrekk.getEverId();
iOS (Swift): let eid = WebtrekkTracking.instance().everId

Customer IDUser customer IDoffline

You create customer IDs internally. For example, this may occur if an end customer contacts your customer call center or through another communication channel where the EID/cookie ID is unknown or inaccessible at the time of the end user contact.

Order IDUser order IDoffline

You create order IDs internally. For example, this may occur if an end customer contacts your customer call center or through another communication channel where the EID/cookie ID is unknown or inaccessible at the time of the end user contact.

The "Track ID" or IDs belonging to the customer account is also mandatory to be able to perform a lookup or a deletion request in the tool. The minimum requirement is the selection of a "Track ID" plus any of the supported end-user IDs listed in the table above.


Look-up or delete a user

Here are some common options to perform a user search or deletion on request.

Implement the cookie ID disclosure plugin

Implement the cookie ID disclosure plugin on the respective pages to create a function on your website for your end-users to access their cookie ID.

This is not mandatory. Depending on your setup and your knowledge and experience, you can also retrieve the EID however you see fit.

Implement SDK functions

Update your apps to make use of the following methods:

  • Android: String eid = webtrekk.getEverId();
  • iOS (Swift): let eid = WebtrekkTracking.instance().everId

Collect customer IDs or order IDs

When an end-user request is made by a call center or other direct communication, you can gather identifiers supported by Mapp Intelligence, such as customer IDs or order IDs along with the communication data. You will then have the required information ready to have user-lookup or deletion.


Select track ID

In the Data Privacy Compliance Manager, select the track ID of the account that your end-user request originated from in the drop-down list. The list is populated with all track IDs of your account. If the track ID is unknown select All from the list so that the system could iterate the given user ID (EID, Customer ID or Order ID) in all accounts belonging to the same customer.

In this case, there is a possibility of a collision that multiple matches could be found for any given user ID. This doesn't necessarily mean that the found matches (especially when customer ID and order ID is used) belong to the same actual user and could indeed be different users having the same customer ID or order ID that is linked to different track IDs. Same is valid for EID as well even though a collision may not be as frequent as in customer or order ID use.

Select user ID type

In the Data Privacy Compliance Manager, select any of the supported user ID types depending on how they are gathered:

  • EID (Cookie ID)
  • Customer ID
  • Order ID

Specify user ID

In the Data Privacy Compliance Manager, enter the user ID (based on the user ID type) to this respective field.