Siteimprove Data Privacy Overview
By Sean Needham
The Siteimprove Data Privacy module helps to give visibility and control over your websites’ data. It allows you to demonstrate compliance with regulations (e.g. GDPRs accountability principle) by providing an overview of domains, sub-domains, and IP addresses that may belong to your organization, and by enabling searches for text-based personal data in website files and pages. The Data Privacy module also enables you to see an overview of cookies appearing on your website.
The Data Privacy module requires that your website is crawled. The Siteimprove crawler crawls each unique URLs (pages) of your website and detects personal data on web pages and in files.
Data Privacy crawls the domains that customers have chosen to include in their Data Privacy Solution.
The Data Privacy module includes the following features:
- Personal data
- Domain and IP
- Universal Search
- Data Privacy and security policies
- User Action Log
- Data Privacy settings
The Overview introduces Data privacy. A Getting Started section gives useful information on how to make the most of the Data privacy features.
You also have quick access to the Universal Search feature allowing you to easily search through your content.
The Overview gives a summary of the status of your domains and a breakdown of the files being scanned.
Personal data graphs are presented so you can see your progress in addressing Personal ID numbers, Phone numbers, and email addresses on your website.
An inventory of pages that contain personal data, such as email addresses, phone numbers, and Personal Identification Numbers for the sites we crawl. Personal data is presented in the following forms:
- My Sites: Overview of personal data detected on each site divided into type. 'New' instances of personal data are those that have been detected in the last 30 days.
- Pages and Files Containing Personal Data: Showing all HTML pages and other files on the selected site where personal data has been detected. Personal data includes email addresses, personal ID numbers, and phone numbers.
- Personal data types: Here we show Personal data by type, i.e. Personal Identification Numbers, Phone numbers and Email addresses.
It is possible to prioritize the auditing of website pages. This is determined by the number of different types of personal data present, and whether a page has been viewed by visitors.
To learn more on the file formats supported in Personal data checks, see "In which document types does Siteimprove Data Privacy check for Personal Data?"
Personal Identification Numbers checks follow standardized country-specific format checks.
By default, checks are set to one country-specific format pr. site. Customer can edit the country-specific format for a site in Data Privacy settings.
Domain and IP
An inventory of all domains, sub-domains, and IP addresses that may belong to your organization, along with metadata such as who registered the domain, when it expires, etc.
Knowing what domains are owned by an organization is an important starting point for assessing where and how much personal data is being held on its websites.
Users also have the ability to "reject" domains that they don't own. It is indicated whether a domain or sub-domain is checked by Siteimprove, so users know whether there are any sites they own which potentially could have personal data that is not being checked.
Search and track your site's pages, files, HTML, and metadata for personal data, (e.g. find details on someone who has invoked their "right to be forgotten" under the rules of GDPR). Find out more about in the article "Universal Search and Tracked Search Terms"
Data privacy and security policies
The Siteimprove Data Privacy module includes pre-configured Data Privacy policies. These security and data privacy policies allow users to monitor their websites for potential data breaches or weak points (e.g. flagging HTML forms on unsecured HTTP pages). You can find out more in the article: "Security and Data Privacy Policies."
The Siteimprove Data Privacy module includes cookie tracking which provides users with an overview of the cookies set by the selected website. Find out more about cookie tracking in the article "Siteimprove Data Privacy: Cookie Tracking".
User Action Log
Documents actions taken by users within the Data Privacy module. Find out more about in the article "Data Privacy User Action Log".
Data Privacy settings
Personal identification numbers that are detected for each site follow a country-specific format.
You can see country formats being detected for each site on your account under Data Privacy > Data Privacy settings > Personal identification numbers > Country-specific format.
Note: Only Account Owners can edit the country format by clicking on the edit icon to the right side of the site table.
When personal identification numbers are detected, email alerts can be sent to specific users.
Only Account Owners can edit the email recipients.
To edit go to email recipients go to Data Privacy > Data Privacy settings > Personal identification numbers > Country-specific format.
Expanding the "Email Alerts" column and then click on the "Edit Recipients" button.
Then you can add and remove email recipients using the input field presented.
Note: The Siteimprove Data Privacy Module is a standalone product that can be purchased separately from the Content and Analytics Suites. Please contact us if you want to know more about the Siteimprove Data Privacy module.