SlideShare a Scribd company logo

The GDPR: What, Why and How Botify is Compliant by Design

Botify
Botify

At Botify, we have a diverse international customer base, and we’ve always prioritized data privacy. Botify does not need any personal information to provide our service and all of our operations in the EU are already compliant with GDPR regulations. As Botify was designed to respect privacy, the new European law won’t affect our services and doesn’t require our customers to take action. There will be no changes in our services, and our customers won’t notice a thing.

Marketing
1 of 28
Nathalie Geoffrin VP Support & Services Prior to joining Botify, Nathalie was R&D Manager in a software company providing digital identities. As such, she built a strong sense of the importance of personal data and associated security concerns. She joined Botify, fascinated by processing data at a larger scale, and by transforming raw data to provide relevant information to our customers. The GDPR: What, Why and How Botify is Compliant by Design Follow us: @Botify - #BotifyWebinar
The New Standard in Organic Search Analytics Follow us: @Botify - #BotifyWebinar
Botify Webinar May 24th, 2018 The GDPR: What, Why and How Botify is Compliant by Design
Botify is GDPR-Compliant by design. Botify does not process any personal data, this is why Botify is GDPR-Compliant by design. Intro Takeaways Follow us: @Botify - #BotifyWebinar
1. Goal, Scope and Principles of GDPR 2. What kind of Data does Botify Process? 3. Why Botify is already Compliant Webinar Agenda Follow us: @Botify - #BotifyWebinar
Part #1 Goal, Scope and Principles of GDPR Follow us: @Botify - #BotifyWebinar
Goal of GDPR Article 1 (1) This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. (2) This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. (3) The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.Follow us: @Botify - #BotifyWebinar
Scope of GDPR (1) Scope is the ’personal data’ of EU residents (2) ’personal data’ means any information relating to an identified or identifiable natural person (3) ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Article 4) Follow us: @Botify - #BotifyWebinar
Impact: 6 Required Commitments of GDPR Follow us: @Botify - #BotifyWebinar
Part #2 What kind of Data does Botify Process? Follow us: @Botify - #BotifyWebinar
Botify crawls websites and does not request Personal Data from Google Analytics. Botify as “Processor” Botify Analytics Botify does not request Personal Data from Google Search Console. Botify processes your Log Files and does not request Personal Data in the Log Files. Botify Keywords Botify Log Analyzer Follow us: @Botify - #BotifyWebinar
A Log Line Example Follow us: @Botify - #BotifyWebinar
Log Data we Request from Customers - Date: Exact date of the request - URL: The full URL with query parameters - Referer: Page from which the connexion was made - User-Agent: Browser or bot that issued the request - HTTP Status Code: HTTP Status Code of the response (200, 301, 404, etc.) - Domain associated with the URL - Protocol: The protocol in which the file is provided (HTTP or HTTPS) - Search Engine Crawler IP Address (googleBot, bingBot…): The bot IP for crawl lines (address of the machine sending the crawl request). Follow us: @Botify - #BotifyWebinar
No Personal IP are processed Botify does not need, and does not use, any Individual IPs or Personal Data for its processing. If we receive an Personal IP Address, we keep it in the raw log files, and discard it from the analysis. We do not keep it in our product databases. Follow us: @Botify - #BotifyWebinar
Processing Bot IP Addresses Only For data accuracy, our customers can provide us with the search engines’ IP Addresses (search engine IPs are public). Botify is interested in receiving Bot IPs (not a Personal Data) to authenticate the Bots. It improves our dashboard accuracy and value. Read log line (including IP) Is it a bot line? (based on User- Agent) Is it a real bot? (based on bot IP) Process line data, remove IP Compute dashboard (no IP) Provide dashboard (no IP) no yes Discard log line no yes Follow us: @Botify - #BotifyWebinar
Part #3 Why is Botify Compliant Follow us: @Botify - #BotifyWebinar
We do not need any Personal Data ● We ask clients to discard Personal IPs before sending log files to us ● We provide example scripts to help you out, ○ for CSV logs ○ and for JSON logs. ( https://www.botify.com/support/how-tos/ ) ● The script: ○ removes any non-crawl and non-visit lines ('data minimisation'); ○ and strips the IP address from any non-crawl line (no personal data sent to Botify). Follow us: @Botify - #BotifyWebinar
If you did not discard Personal IPs If nevertheless we find some Personal IPs in your log files, we are committed to remove this information before analyzing your data. We only process the IP addresses with the processing purpose “verify that the crawl lines belong to expected crawl bots” This processing takes place in the USA under the US-EU Privacy Shield Agreement We automatically remove IP addresses and they are not available in any Botify reports. We archive customer raw logs for a duration of 6 months, in Europe, only in the purpose of recomputing in case of any need. No IP addresses stored Crawl Lines = Crawl Bots US-EU Privacy Shield Raw logs archived for 6 months Follow us: @Botify - #BotifyWebinar
We commit to the 6 GDPR Principles Follow us: @Botify - #BotifyWebinar
Lawfulness, Fairness and Transparency ● We provide a Data Processing Agreement that you can download from our website and that describes our processing and hosting providers. ● We created a Processing Register that describes: ● Our DPO: Charles Tenot, Global VP Finance and Operations Hosting Services Location Processing Activities, processing purpose Security Measures Follow us: @Botify - #BotifyWebinar
Purpose Limitation ● We do not use Personal Data at any point in our process for any purpose related to the individual. We do not obtain any information related to physical persons from our processing. ● We only use the bot IP Addresses to improve the accuracy of bot traffic information. ● We commit to limit the processing to the scope of the contract, and to remove personal IP addresses, if provided. No Use of Personal Data Follow us: @Botify - #BotifyWebinar
Data Minimisation ● IP Addresses verification for bots is the very first step of our process. ● We discard the IP Addresses as early as possible in our processing. ● We do not store the IP Addresses in the app database, they are only located in the raw logs you provided and in the archives. IP Addresses are not Stored Follow us: @Botify - #BotifyWebinar
Storage Limitation ● We only store the raw logs, for reprocessing purpose in case of error. ● We keep the raw logs for 2 weeks on your FTP server, then we archive them for 6 months. ● These are default durations that you can ask us to reduce if you prefer. ● Storage and Archiving take place in the EU. Raw Logs are kept 2 weeks and archived 6 months in the EU Follow us: @Botify - #BotifyWebinar
Integrity and Confidentiality ● The airlock you uploaded the files to is a secure server. ● Log file transfer between the airlock you uploaded the files to and the app, and between the airlock and the archiving server, are secure (ssh-based) transfers. ● Archiving server is a secure server. ● Access to Raw Log files is limited to dedicated Engineers, for integration, support and engineering purposes. Awareness, training + contract. ● We will inform our customers as early as possible if any breach or data loss occurred on your log files. From Upload to Archive, Servers are Secure
● We do not need Personal Data in any of our apps. ● The only Personal Data that may be processed by Botify are Personal IP Addresses in Log Files if customers provide them. ● We provide sample scripts to help you send us logs without Personal IP Addresses. ● If you send us Personal IP Addresses, we are GDPR-compliant anyway. Summary Follow us: @Botify - #BotifyWebinar
Let’s keep in touch Any questions? We are here to help! dpo@botify.com Follow us: @Botify - #BotifyWebinar
GSC vs. Scraping: Go Beyond Rankings DON’T MISS OUR NEXT WEBINAR www.botify.com/webinars BOTIFY COMES TO YOU! Follow us: @Botify - #BotifyWebinar SaaStr Europa June 14th - Paris IRCE June 5th -Chicago SMX Paris June 12th - Paris SMX Advanced June 11th - Seattle
Any questions? Get in touch! dpo@botify.com

Recommended

GSC vs Scraping: Go Beyond Rankings
GSC vs Scraping: Go Beyond RankingsGSC vs Scraping: Go Beyond Rankings
GSC vs Scraping: Go Beyond Rankings
Botify
 
Demystifying JavaScript & SEO
Demystifying JavaScript & SEODemystifying JavaScript & SEO
Demystifying JavaScript & SEO
Botify
 
Mobile first index webinar
Mobile first index webinarMobile first index webinar
Mobile first index webinar
Botify
 
Webinar Structured Data
Webinar Structured DataWebinar Structured Data
Webinar Structured Data
Botify
 
Decrypt Google’s Behavior with Botify Log Analyzer
Decrypt Google’s Behavior with Botify Log AnalyzerDecrypt Google’s Behavior with Botify Log Analyzer
Decrypt Google’s Behavior with Botify Log Analyzer
Botify
 
Google Analytics New Features - Webinar - 20091030
Google Analytics New Features - Webinar - 20091030Google Analytics New Features - Webinar - 20091030
Google Analytics New Features - Webinar - 20091030
Vinoaj Vijeyakumaar
 
I have google analytics why do i need webmaster tools
I have google analytics why do i need webmaster toolsI have google analytics why do i need webmaster tools
I have google analytics why do i need webmaster tools
Beth Browning
 
Botify Webinar - The new Version of Botify Keywords
Botify Webinar - The new Version of Botify KeywordsBotify Webinar - The new Version of Botify Keywords
Botify Webinar - The new Version of Botify Keywords
Botify
 

Recommended

GSC vs Scraping: Go Beyond Rankings
GSC vs Scraping: Go Beyond RankingsGSC vs Scraping: Go Beyond Rankings
GSC vs Scraping: Go Beyond Rankings
Botify
 
Demystifying JavaScript & SEO
Demystifying JavaScript & SEODemystifying JavaScript & SEO
Demystifying JavaScript & SEO
Botify
 
Mobile first index webinar
Mobile first index webinarMobile first index webinar
Mobile first index webinar
Botify
 
Webinar Structured Data
Webinar Structured DataWebinar Structured Data
Webinar Structured Data
Botify
 
Decrypt Google’s Behavior with Botify Log Analyzer
Decrypt Google’s Behavior with Botify Log AnalyzerDecrypt Google’s Behavior with Botify Log Analyzer
Decrypt Google’s Behavior with Botify Log Analyzer
Botify
 
Google Analytics New Features - Webinar - 20091030
Google Analytics New Features - Webinar - 20091030Google Analytics New Features - Webinar - 20091030
Google Analytics New Features - Webinar - 20091030
Vinoaj Vijeyakumaar
 
I have google analytics why do i need webmaster tools
I have google analytics why do i need webmaster toolsI have google analytics why do i need webmaster tools
I have google analytics why do i need webmaster tools
Beth Browning
 
Botify Webinar - The new Version of Botify Keywords
Botify Webinar - The new Version of Botify KeywordsBotify Webinar - The new Version of Botify Keywords
Botify Webinar - The new Version of Botify Keywords
Botify
 
Mobile-First Index: A Data-Driven Analysis & Discussion
Mobile-First Index: A Data-Driven Analysis & DiscussionMobile-First Index: A Data-Driven Analysis & Discussion
Mobile-First Index: A Data-Driven Analysis & Discussion
Botify
 
White Hat Cloaking
White Hat CloakingWhite Hat Cloaking
White Hat Cloaking
Hamlet Batista
 
Botify webinar Internal Linking - October 2018
Botify webinar Internal Linking - October 2018Botify webinar Internal Linking - October 2018
Botify webinar Internal Linking - October 2018
Botify
 
Google WebMaster Tool
Google WebMaster ToolGoogle WebMaster Tool
Google WebMaster Tool
Ali Ahmed
 
Understand the impact of Javascript on SEO
Understand the impact of Javascript on SEOUnderstand the impact of Javascript on SEO
Understand the impact of Javascript on SEO
Botify
 
Sample seo report
Sample seo reportSample seo report
Sample seo report
Marcela De Vivo
 
Botify Keywords webinar - september 2017
Botify Keywords webinar - september 2017Botify Keywords webinar - september 2017
Botify Keywords webinar - september 2017
Botify
 
Website relaunch SEO: Planning your website content for a successful relaunch...
Website relaunch SEO: Planning your website content for a successful relaunch...Website relaunch SEO: Planning your website content for a successful relaunch...
Website relaunch SEO: Planning your website content for a successful relaunch...
Eoghan Henn
 
Reach your marketing goals with Google Analytics - Dig South 2014
Reach your marketing goals with Google Analytics - Dig South 2014Reach your marketing goals with Google Analytics - Dig South 2014
Reach your marketing goals with Google Analytics - Dig South 2014
Tina Arnoldi, MA, LPC
 
SEO & the future of search
SEO & the future of searchSEO & the future of search
SEO & the future of search
Fili Wiese - SEO Expert
 
How Does Google Crawl the Web?
How Does Google Crawl the Web?How Does Google Crawl the Web?
How Does Google Crawl the Web?
Botify
 
Using Google Analytics and Google Webmaster Tools to improve your site
Using Google Analytics and Google Webmaster Tools to improve your siteUsing Google Analytics and Google Webmaster Tools to improve your site
Using Google Analytics and Google Webmaster Tools to improve your site
Mickey Mellen
 
Successful SEO with HTTPS
Successful SEO with HTTPSSuccessful SEO with HTTPS
Successful SEO with HTTPS
Fili Wiese - SEO Expert
 
Google Tools for SEO
Google Tools for SEOGoogle Tools for SEO
Google Tools for SEO
Benj Arriola
 
SEO Tutorial
SEO TutorialSEO Tutorial
SEO Tutorial
RyzeUp Internet Marketing
 
Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...
Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...
Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...
Sophie Gibson
 
The Beginner's Guide to Googlebot Optimization
The Beginner's Guide to Googlebot OptimizationThe Beginner's Guide to Googlebot Optimization
The Beginner's Guide to Googlebot Optimization
CMI_Compas
 
Matt Lebaron - Advanced Search Summit Napa 2019
Matt Lebaron - Advanced Search Summit Napa 2019Matt Lebaron - Advanced Search Summit Napa 2019
Matt Lebaron - Advanced Search Summit Napa 2019
Digital Marketers Organization
 
SEO Competitive Analysis - Sample Report
SEO Competitive Analysis - Sample ReportSEO Competitive Analysis - Sample Report
SEO Competitive Analysis - Sample Report
Alok Raghuwanshi
 
Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
Jim Kaplan CIA CFE
 
Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365
Brian Culver
 
Martijn Scheijbeler @ All Things DATA 2016
Martijn Scheijbeler @ All Things DATA 2016Martijn Scheijbeler @ All Things DATA 2016
Martijn Scheijbeler @ All Things DATA 2016
Shuki Mann
 

More Related Content

What's hot

What's hot (19)

Mobile-First Index: A Data-Driven Analysis & Discussion
Mobile-First Index: A Data-Driven Analysis & DiscussionMobile-First Index: A Data-Driven Analysis & Discussion
Mobile-First Index: A Data-Driven Analysis & Discussion
 
White Hat Cloaking
White Hat CloakingWhite Hat Cloaking
White Hat Cloaking
 
Botify webinar Internal Linking - October 2018
Botify webinar Internal Linking - October 2018Botify webinar Internal Linking - October 2018
Botify webinar Internal Linking - October 2018
 
Google WebMaster Tool
Google WebMaster ToolGoogle WebMaster Tool
Google WebMaster Tool
 
Understand the impact of Javascript on SEO
Understand the impact of Javascript on SEOUnderstand the impact of Javascript on SEO
Understand the impact of Javascript on SEO
 
Sample seo report
Sample seo reportSample seo report
Sample seo report
 
Botify Keywords webinar - september 2017
Botify Keywords webinar - september 2017Botify Keywords webinar - september 2017
Botify Keywords webinar - september 2017
 
Website relaunch SEO: Planning your website content for a successful relaunch...
Website relaunch SEO: Planning your website content for a successful relaunch...Website relaunch SEO: Planning your website content for a successful relaunch...
Website relaunch SEO: Planning your website content for a successful relaunch...
 
Reach your marketing goals with Google Analytics - Dig South 2014
Reach your marketing goals with Google Analytics - Dig South 2014Reach your marketing goals with Google Analytics - Dig South 2014
Reach your marketing goals with Google Analytics - Dig South 2014
 
SEO & the future of search
SEO & the future of searchSEO & the future of search
SEO & the future of search
 
How Does Google Crawl the Web?
How Does Google Crawl the Web?How Does Google Crawl the Web?
How Does Google Crawl the Web?
 
Using Google Analytics and Google Webmaster Tools to improve your site
Using Google Analytics and Google Webmaster Tools to improve your siteUsing Google Analytics and Google Webmaster Tools to improve your site
Using Google Analytics and Google Webmaster Tools to improve your site
 
Successful SEO with HTTPS
Successful SEO with HTTPSSuccessful SEO with HTTPS
Successful SEO with HTTPS
 
Google Tools for SEO
Google Tools for SEOGoogle Tools for SEO
Google Tools for SEO
 
SEO Tutorial
SEO TutorialSEO Tutorial
SEO Tutorial
 
Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...
Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...
Competitor Site Audits with Free Tools and Data - Sophie Gibson - BrightonSEO...
 
The Beginner's Guide to Googlebot Optimization
The Beginner's Guide to Googlebot OptimizationThe Beginner's Guide to Googlebot Optimization
The Beginner's Guide to Googlebot Optimization
 
Matt Lebaron - Advanced Search Summit Napa 2019
Matt Lebaron - Advanced Search Summit Napa 2019Matt Lebaron - Advanced Search Summit Napa 2019
Matt Lebaron - Advanced Search Summit Napa 2019
 
SEO Competitive Analysis - Sample Report
SEO Competitive Analysis - Sample ReportSEO Competitive Analysis - Sample Report
SEO Competitive Analysis - Sample Report
 

Similar to The GDPR: What, Why and How Botify is Compliant by Design

Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
Jim Kaplan CIA CFE
 
Social Sign-On with Authentication Providers Webinar
Social Sign-On with Authentication Providers WebinarSocial Sign-On with Authentication Providers Webinar
Social Sign-On with Authentication Providers Webinar
Salesforce Developers
 
Social Sign-On with Authentication Providers
Social Sign-On with Authentication ProvidersSocial Sign-On with Authentication Providers
Social Sign-On with Authentication Providers
Developer Force - Force.com Community
 
SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...
SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...
SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...
Authoritas
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
Brian Culver
 
SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365
Brian Culver
 
How to data mine your print reports
How to data mine your print reports How to data mine your print reports
How to data mine your print reports
Jim Kaplan CIA CFE
 
Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10) Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10)
Jim Kaplan CIA CFE
 
Machine Learning at Hand with Power BI
Machine Learning at Hand with Power BIMachine Learning at Hand with Power BI
Machine Learning at Hand with Power BI
Ivo Andreev
 

Similar to The GDPR: What, Why and How Botify is Compliant by Design (20)

Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
 
Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365
 
Martijn Scheijbeler @ All Things DATA 2016
Martijn Scheijbeler @ All Things DATA 2016Martijn Scheijbeler @ All Things DATA 2016
Martijn Scheijbeler @ All Things DATA 2016
 
Social Sign-On with Authentication Providers Webinar
Social Sign-On with Authentication Providers WebinarSocial Sign-On with Authentication Providers Webinar
Social Sign-On with Authentication Providers Webinar
 
Social Sign-On with Authentication Providers
Social Sign-On with Authentication ProvidersSocial Sign-On with Authentication Providers
Social Sign-On with Authentication Providers
 
Python Development - V2STech Corporate presentation
Python Development - V2STech Corporate presentationPython Development - V2STech Corporate presentation
Python Development - V2STech Corporate presentation
 
SharePoint and GDPR Compliance
SharePoint and GDPR Compliance SharePoint and GDPR Compliance
SharePoint and GDPR Compliance
 
SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...
SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...
SEO Server Log File Analysis - What You Should Be Looking For - Tea-Time SEO ...
 
Top Web Scraping Service Provider For The Retail Data
Top Web Scraping Service Provider For The Retail DataTop Web Scraping Service Provider For The Retail Data
Top Web Scraping Service Provider For The Retail Data
 
Bitclave - investment attractiveness report (Digital Rating Agency)
Bitclave - investment attractiveness report (Digital Rating Agency)Bitclave - investment attractiveness report (Digital Rating Agency)
Bitclave - investment attractiveness report (Digital Rating Agency)
 
Blount B2B Project European Results
Blount B2B Project European ResultsBlount B2B Project European Results
Blount B2B Project European Results
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
 
Cognitive Services Extravaganza
Cognitive Services ExtravaganzaCognitive Services Extravaganza
Cognitive Services Extravaganza
 
SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365
 
Actionable Insights with Google Analytics - Ben Rogers - Attacat Internet Mar...
Actionable Insights with Google Analytics - Ben Rogers - Attacat Internet Mar...Actionable Insights with Google Analytics - Ben Rogers - Attacat Internet Mar...
Actionable Insights with Google Analytics - Ben Rogers - Attacat Internet Mar...
 
2018 Social Media Tools for Lawyers
2018 Social Media Tools for Lawyers 2018 Social Media Tools for Lawyers
2018 Social Media Tools for Lawyers
 
How to data mine your print reports
How to data mine your print reports How to data mine your print reports
How to data mine your print reports
 
Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10) Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10)
 
2018-10-25 Group RPA - AA Deck.pptx
2018-10-25 Group RPA - AA Deck.pptx2018-10-25 Group RPA - AA Deck.pptx
2018-10-25 Group RPA - AA Deck.pptx
 
Machine Learning at Hand with Power BI
Machine Learning at Hand with Power BIMachine Learning at Hand with Power BI
Machine Learning at Hand with Power BI
 

More from Botify

Faceted Navigation: (Almost) Everyone is Doing it Wrong
Faceted Navigation: (Almost) Everyone is Doing it WrongFaceted Navigation: (Almost) Everyone is Doing it Wrong
Faceted Navigation: (Almost) Everyone is Doing it Wrong
Botify
 

More from Botify (13)

Faceted Navigation: (Almost) Everyone is Doing it Wrong
Faceted Navigation: (Almost) Everyone is Doing it WrongFaceted Navigation: (Almost) Everyone is Doing it Wrong
Faceted Navigation: (Almost) Everyone is Doing it Wrong
 
From Search to Transaction: How to Master the Customer Experience
From Search to Transaction: How to Master the Customer ExperienceFrom Search to Transaction: How to Master the Customer Experience
From Search to Transaction: How to Master the Customer Experience
 
The Evolution of Customer Journeys & SEO
The Evolution of Customer Journeys & SEOThe Evolution of Customer Journeys & SEO
The Evolution of Customer Journeys & SEO
 
How Is COVID-19 Impacting Organic Search by Industry & What Can We Do About It?
How Is COVID-19 Impacting Organic Search by Industry & What Can We Do About It?How Is COVID-19 Impacting Organic Search by Industry & What Can We Do About It?
How Is COVID-19 Impacting Organic Search by Industry & What Can We Do About It?
 
How to Find Your Site's True Ranking Factors
How to Find Your Site's True Ranking FactorsHow to Find Your Site's True Ranking Factors
How to Find Your Site's True Ranking Factors
 
Webinar: How to Make Data-Driven Marketing Decisions Without a Data Science D...
Webinar: How to Make Data-Driven Marketing Decisions Without a Data Science D...Webinar: How to Make Data-Driven Marketing Decisions Without a Data Science D...
Webinar: How to Make Data-Driven Marketing Decisions Without a Data Science D...
 
The Total Economic Impact of Botify
The Total Economic Impact of BotifyThe Total Economic Impact of Botify
The Total Economic Impact of Botify
 
Algo Updates, Volatility, & How to Roll with the Punches in SEO
Algo Updates, Volatility, & How to Roll with the Punches in SEOAlgo Updates, Volatility, & How to Roll with the Punches in SEO
Algo Updates, Volatility, & How to Roll with the Punches in SEO
 
New Holiday Data Reveals Insights About Handling Seasonal Volatility - Q1 202...
New Holiday Data Reveals Insights About Handling Seasonal Volatility - Q1 202...New Holiday Data Reveals Insights About Handling Seasonal Volatility - Q1 202...
New Holiday Data Reveals Insights About Handling Seasonal Volatility - Q1 202...
 
Living in a mobile first index world
Living in a mobile first index worldLiving in a mobile first index world
Living in a mobile first index world
 
BrightonSEO 2019 - Crawl Budget is dead, please welcome Rendering Budget
BrightonSEO 2019 - Crawl Budget is dead, please welcome Rendering BudgetBrightonSEO 2019 - Crawl Budget is dead, please welcome Rendering Budget
BrightonSEO 2019 - Crawl Budget is dead, please welcome Rendering Budget
 
Why auditing your rel=canonical configuration is a shrewd move
Why auditing your rel=canonical configuration is a shrewd moveWhy auditing your rel=canonical configuration is a shrewd move
Why auditing your rel=canonical configuration is a shrewd move
 
Webinar content quality - march 2017
Webinar content quality - march 2017Webinar content quality - march 2017
Webinar content quality - march 2017
 

Recently uploaded

FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
dollysharma2066
 
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel LeminTurn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
Delhi Call girls
 
Brand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdfBrand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdf
tbatkhuu1
 
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting GroupSEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 

Recently uploaded (20)

FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
 
Defining Marketing for the 21st Century,kotler
Defining Marketing for the 21st Century,kotlerDefining Marketing for the 21st Century,kotler
Defining Marketing for the 21st Century,kotler
 
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel LeminTurn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
 
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
 
Instant Digital Issuance: An Overview With Critical First Touch Best Practices
Instant Digital Issuance: An Overview With Critical First Touch Best PracticesInstant Digital Issuance: An Overview With Critical First Touch Best Practices
Instant Digital Issuance: An Overview With Critical First Touch Best Practices
 
Cash payment girl 9257726604 Hand ✋ to Hand over girl
Cash payment girl 9257726604 Hand ✋ to Hand over girlCash payment girl 9257726604 Hand ✋ to Hand over girl
Cash payment girl 9257726604 Hand ✋ to Hand over girl
 
LinkedIn Social Selling Master Class - David Wong
LinkedIn Social Selling Master Class - David WongLinkedIn Social Selling Master Class - David Wong
LinkedIn Social Selling Master Class - David Wong
 
Podcast Marketing Master Class - Roger Nairn
Podcast Marketing Master Class - Roger NairnPodcast Marketing Master Class - Roger Nairn
Podcast Marketing Master Class - Roger Nairn
 
The Future of Brands on LinkedIn - Alison Kaltman
The Future of Brands on LinkedIn - Alison KaltmanThe Future of Brands on LinkedIn - Alison Kaltman
The Future of Brands on LinkedIn - Alison Kaltman
 
BLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
BLOOM_April2024. Balmer Lawrie Online Monthly BulletinBLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
BLOOM_April2024. Balmer Lawrie Online Monthly Bulletin
 
Developing Marketing Strategies and Plans kotler
Developing Marketing Strategies and Plans kotlerDeveloping Marketing Strategies and Plans kotler
Developing Marketing Strategies and Plans kotler
 
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
 
Brand Strategy Master Class - Juntae DeLane
Brand Strategy Master Class - Juntae DeLaneBrand Strategy Master Class - Juntae DeLane
Brand Strategy Master Class - Juntae DeLane
 
How to Create a Social Media Plan Like a Pro - Jordan Scheltgen
How to Create a Social Media Plan Like a Pro - Jordan ScheltgenHow to Create a Social Media Plan Like a Pro - Jordan Scheltgen
How to Create a Social Media Plan Like a Pro - Jordan Scheltgen
 
Martal Group - B2B Lead Gen Agency - Onboarding Overview
Martal Group - B2B Lead Gen Agency - Onboarding OverviewMartal Group - B2B Lead Gen Agency - Onboarding Overview
Martal Group - B2B Lead Gen Agency - Onboarding Overview
 
Brand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdfBrand experience Dream Center Peoria Presentation.pdf
Brand experience Dream Center Peoria Presentation.pdf
 
Unraveling the Mystery of the Hinterkaifeck Murders.pptx
Unraveling the Mystery of the Hinterkaifeck Murders.pptxUnraveling the Mystery of the Hinterkaifeck Murders.pptx
Unraveling the Mystery of the Hinterkaifeck Murders.pptx
 
Social Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaSocial Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid media
 
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting GroupSEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
 
Unraveling the Mystery of The Circleville Letters.pptx
Unraveling the Mystery of The Circleville Letters.pptxUnraveling the Mystery of The Circleville Letters.pptx
Unraveling the Mystery of The Circleville Letters.pptx
 

The GDPR: What, Why and How Botify is Compliant by Design

  • 1. Nathalie Geoffrin VP Support & Services Prior to joining Botify, Nathalie was R&D Manager in a software company providing digital identities. As such, she built a strong sense of the importance of personal data and associated security concerns. She joined Botify, fascinated by processing data at a larger scale, and by transforming raw data to provide relevant information to our customers. The GDPR: What, Why and How Botify is Compliant by Design Follow us: @Botify - #BotifyWebinar
  • 2. The New Standard in Organic Search Analytics Follow us: @Botify - #BotifyWebinar
  • 3. Botify Webinar May 24th, 2018 The GDPR: What, Why and How Botify is Compliant by Design
  • 4. Botify is GDPR-Compliant by design. Botify does not process any personal data, this is why Botify is GDPR-Compliant by design. Intro Takeaways Follow us: @Botify - #BotifyWebinar
  • 5. 1. Goal, Scope and Principles of GDPR 2. What kind of Data does Botify Process? 3. Why Botify is already Compliant Webinar Agenda Follow us: @Botify - #BotifyWebinar
  • 6. Part #1 Goal, Scope and Principles of GDPR Follow us: @Botify - #BotifyWebinar
  • 7. Goal of GDPR Article 1 (1) This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. (2) This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. (3) The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.Follow us: @Botify - #BotifyWebinar
  • 8. Scope of GDPR (1) Scope is the ’personal data’ of EU residents (2) ’personal data’ means any information relating to an identified or identifiable natural person (3) ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Article 4) Follow us: @Botify - #BotifyWebinar
  • 9. Impact: 6 Required Commitments of GDPR Follow us: @Botify - #BotifyWebinar
  • 10. Part #2 What kind of Data does Botify Process? Follow us: @Botify - #BotifyWebinar
  • 11. Botify crawls websites and does not request Personal Data from Google Analytics. Botify as “Processor” Botify Analytics Botify does not request Personal Data from Google Search Console. Botify processes your Log Files and does not request Personal Data in the Log Files. Botify Keywords Botify Log Analyzer Follow us: @Botify - #BotifyWebinar
  • 12. A Log Line Example Follow us: @Botify - #BotifyWebinar
  • 13. Log Data we Request from Customers - Date: Exact date of the request - URL: The full URL with query parameters - Referer: Page from which the connexion was made - User-Agent: Browser or bot that issued the request - HTTP Status Code: HTTP Status Code of the response (200, 301, 404, etc.) - Domain associated with the URL - Protocol: The protocol in which the file is provided (HTTP or HTTPS) - Search Engine Crawler IP Address (googleBot, bingBot…): The bot IP for crawl lines (address of the machine sending the crawl request). Follow us: @Botify - #BotifyWebinar
  • 14. No Personal IP are processed Botify does not need, and does not use, any Individual IPs or Personal Data for its processing. If we receive an Personal IP Address, we keep it in the raw log files, and discard it from the analysis. We do not keep it in our product databases. Follow us: @Botify - #BotifyWebinar
  • 15. Processing Bot IP Addresses Only For data accuracy, our customers can provide us with the search engines’ IP Addresses (search engine IPs are public). Botify is interested in receiving Bot IPs (not a Personal Data) to authenticate the Bots. It improves our dashboard accuracy and value. Read log line (including IP) Is it a bot line? (based on User- Agent) Is it a real bot? (based on bot IP) Process line data, remove IP Compute dashboard (no IP) Provide dashboard (no IP) no yes Discard log line no yes Follow us: @Botify - #BotifyWebinar
  • 16. Part #3 Why is Botify Compliant Follow us: @Botify - #BotifyWebinar
  • 17. We do not need any Personal Data ● We ask clients to discard Personal IPs before sending log files to us ● We provide example scripts to help you out, ○ for CSV logs ○ and for JSON logs. ( https://www.botify.com/support/how-tos/ ) ● The script: ○ removes any non-crawl and non-visit lines ('data minimisation'); ○ and strips the IP address from any non-crawl line (no personal data sent to Botify). Follow us: @Botify - #BotifyWebinar
  • 18. If you did not discard Personal IPs If nevertheless we find some Personal IPs in your log files, we are committed to remove this information before analyzing your data. We only process the IP addresses with the processing purpose “verify that the crawl lines belong to expected crawl bots” This processing takes place in the USA under the US-EU Privacy Shield Agreement We automatically remove IP addresses and they are not available in any Botify reports. We archive customer raw logs for a duration of 6 months, in Europe, only in the purpose of recomputing in case of any need. No IP addresses stored Crawl Lines = Crawl Bots US-EU Privacy Shield Raw logs archived for 6 months Follow us: @Botify - #BotifyWebinar
  • 19. We commit to the 6 GDPR Principles Follow us: @Botify - #BotifyWebinar
  • 20. Lawfulness, Fairness and Transparency ● We provide a Data Processing Agreement that you can download from our website and that describes our processing and hosting providers. ● We created a Processing Register that describes: ● Our DPO: Charles Tenot, Global VP Finance and Operations Hosting Services Location Processing Activities, processing purpose Security Measures Follow us: @Botify - #BotifyWebinar
  • 21. Purpose Limitation ● We do not use Personal Data at any point in our process for any purpose related to the individual. We do not obtain any information related to physical persons from our processing. ● We only use the bot IP Addresses to improve the accuracy of bot traffic information. ● We commit to limit the processing to the scope of the contract, and to remove personal IP addresses, if provided. No Use of Personal Data Follow us: @Botify - #BotifyWebinar
  • 22. Data Minimisation ● IP Addresses verification for bots is the very first step of our process. ● We discard the IP Addresses as early as possible in our processing. ● We do not store the IP Addresses in the app database, they are only located in the raw logs you provided and in the archives. IP Addresses are not Stored Follow us: @Botify - #BotifyWebinar
  • 23. Storage Limitation ● We only store the raw logs, for reprocessing purpose in case of error. ● We keep the raw logs for 2 weeks on your FTP server, then we archive them for 6 months. ● These are default durations that you can ask us to reduce if you prefer. ● Storage and Archiving take place in the EU. Raw Logs are kept 2 weeks and archived 6 months in the EU Follow us: @Botify - #BotifyWebinar
  • 24. Integrity and Confidentiality ● The airlock you uploaded the files to is a secure server. ● Log file transfer between the airlock you uploaded the files to and the app, and between the airlock and the archiving server, are secure (ssh-based) transfers. ● Archiving server is a secure server. ● Access to Raw Log files is limited to dedicated Engineers, for integration, support and engineering purposes. Awareness, training + contract. ● We will inform our customers as early as possible if any breach or data loss occurred on your log files. From Upload to Archive, Servers are Secure
  • 25. ● We do not need Personal Data in any of our apps. ● The only Personal Data that may be processed by Botify are Personal IP Addresses in Log Files if customers provide them. ● We provide sample scripts to help you send us logs without Personal IP Addresses. ● If you send us Personal IP Addresses, we are GDPR-compliant anyway. Summary Follow us: @Botify - #BotifyWebinar
  • 26. Let’s keep in touch Any questions? We are here to help! dpo@botify.com Follow us: @Botify - #BotifyWebinar
  • 27. GSC vs. Scraping: Go Beyond Rankings DON’T MISS OUR NEXT WEBINAR www.botify.com/webinars BOTIFY COMES TO YOU! Follow us: @Botify - #BotifyWebinar SaaStr Europa June 14th - Paris IRCE June 5th -Chicago SMX Paris June 12th - Paris SMX Advanced June 11th - Seattle

Editor's Notes

  1. passer dès que Thomas a lu le motto, il ne commente pas
  2. Thank you for attending this webinar on GDPR at Botify. As you all know, GDPR is a regulation regarding data protection that was adopted 2 years ago by the EU and is enforced tomorrow May 25th 20-18. The goal of this webinar is to explain to you why Botify is compliant to this regulation. Merci de participer à ce webinar au sujet du RGPD et de sa mise en oeuvre chez Botify. Comme vous le savez tous, le RGPD est un règlement européen concernant la protection des données qui a été adopté voici deux ans et qui entre en application demain, le 25 mai 2018. Le but de ce webinar est de vous expliquer en détail pourquoi Botify est conforme à ce règlement.
  3. We don’t need any personal data in our platform, we don’t need personal data from our customers, we don’t use any personal data in any of our dashboards. All the dashboards that we provide are data dashboards with metrics regarding URLs or Keywords, not users.
  4. have a global, European, law, and not national laws with national differences improve protection of physical persons, and improve their rights give a framework for security of personal data simplify administrative work for multinational companies 1. Le présent règlement établit des règles relatives à la protection des personnes physiques à l'égard du traitement des données à caractère personnel et des règles relatives à la libre circulation de ces données. 2. Le présent règlement protège les libertés et droits fondamentaux des personnes physiques, et en particulier leur droit à la protection des données à caractère personnel. 3. La libre circulation des données à caractère personnel au sein de l'Union n'est ni limitée ni interdite pour des motifs liés à la protection des personnes physiques à l'égard du traitement des données à caractère personnel.
  5. a- processed lawfully, fairly and in a transparent manner => inform the person about the processing that will be made, obtain consent, then processing must comply with what was described to the person when they gave their consent b- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes => purpose limitation: consent must be specific to a purpose and data cannot be later processed with another purpose c- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed => data minimisation, we don’t collect any unnecessary data d- accurate and, where necessary, kept up to date => accuracy e- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed => storage limitation for a minimal duration f- processed in a manner that ensures appropriate security of the personal data => integrity and confidentiality The controller must be compliant with the 6 principles and must be able to demonstrate his compliance. And we are going to demonstrate our compliance to these 6 principles in this webinar. a) traitées de manière licite, loyale et transparente => informer la personne du traitement qui va être effectué, obtenir son consentement. Le traitement doit respecter ce qui a été convenu au moment du consentement. b) collectées pour des finalités déterminées, explicites et légitimes, et ne pas être traitées ultérieurement d'une manière incompatible avec ces finalités => limitation des finalités: le consentement doit être spécifique et les données ne doivent pas être réutilisées par la suite pour d’autres finalités c) adéquates, pertinentes et limitées à ce qui est nécessaire au regard des finalités pour lesquelles elles sont traitées => minimisation des données, on ne collecte pas de données superflues. d) exactes et, si nécessaire, tenues à jour => exactitude e) conservées sous une forme permettant l'identification des personnes concernées pendant une durée n'excédant pas celle nécessaire => limitation de la conservation f) traitées de façon à garantir une sécurité appropriée des données à caractère personnel => integrité et confidentialité Enfin, le responsable du traitement est responsable du respect de ces 6 principes et doit être en mesure de démontrer qu’il les respecte, et c’est ce que nous allons faire pendant ce webinar.
  6. a- inform the person about the processing that will be made, obtain consent, then processing must comply with what was described to the person when they gave their consent b- purpose limitation: specified and explicit consent for the processing c- data minimalisation d- accuracy e- storage limitation for a minimal duration f- integrity and confidentiality
  7. BA/BK : We receive aggregated data without any personal information.
  8. There is no processing of IP addresses of human beings: we don’t need the data, and if we receive it, we do not use it. We use the visit lines of the logs to provide you with performance information about your URLs, not to provide specific information about “who the visitor is”.
  9. Why do we like to receive the bot IP addresses in your log files? For data accuracy. There is a lot of crawl on the Internet, and some crawlers declare they are googlebot even if they are not. We use the bot IP address to make sure the it belongs to the search engine, to make sure the crawl log line really comes from google, or bing, etc. It allows us to authenticate the bots, to remove fake bot lines, and to provide accurate dashboards regarding number of URLs crawled or crawl volume.
  10. Transition: usually, putting this in place is a 3-5 days work for your technical team. We understand it can be complicated for you, depending on your infrastructure and tooling.
  11. As we said in the beginning, the data controller must be compliant with the 6 principles and must be able to demonstrate his compliance. Do let’s go through the principles again to confirm that, in case we receive any personal IP addresses, we are GDPR-compliant. Comme on l’a dit au début, le responsable du respect de ces 6 principes et doit être en mesure de démontrer qu’il les respecte, donc parcourons-les à nouveau pour bien confirmer que, si nous recevons des adresses IP personnelles, nous sommes conformes à la RGPD.
  12. We can sign your Data Processing Agreements, or we can provide one. We signed Data Processing Agreements with our hosting providers. DPO - Data Protection Officer ensures that we apply the laws protecting individuals’ personal data. DPO - Délégué à la Protection des Données.
  13. If you send us Personal IP Addresses, we don’t have a use for them and we discard them as soon as possible.