Privacy-friendly analytics

Volument is a special kind of analytics software, that respects your privacy. It is fully compatible with CCPA, PERC, GDPR, and the ePrivacy directive.

Validated by: Jari Ala-Varvi — CIPP/E certified Data Protection Oficer @ Opsec

Last updated: October 28, 2020

Behavior, not identities

The basic idea of Volument is to track visitor behavior, but not the visitors themselves. This happens with a temporary session- identifier, that ties together all the user’s events on a single visit: such as the pages visited, and how much time the user paid attention to the content. All of this data is described in section “collected data”.

This session information is coupled with historical data in user’s browser memory (localStorage). This is purely behavioral data, such as the total amount of visits or the time gap between the earlier visit. No personal data is stored or processed.

The sessions are kept in the server's RAM- memory as long as the session is active or haven't received any events in four minutes. Once the session is over, the information is sent to the next step for aggregation. At this point, the session is wiped out from RAM and the session- identifier is removed from both ends: from the client and the server. This means that the only link to user is removed from data.

This way the aggregator is not aware of the visitor or the device of the visitor. The data only contains behavioral information from the session and no personal information such as the IP address or user-agent. There is no way to link one session to another so you cannot form chains of sessions coming from the same source.

Moreover, aggregates with less than ten visits are never generated so tracing back individual sessions on the basis of user behavior is impossible. Volument is designed for conversion optimization, which is all about studying masses. The bigger the mass the better it is for statistical significance.

Privacy Laws and Regulations

Volument is compatible with GDPR, PERC, and CCPA. The ePrivacy directive (aka “cookie law”) is applied according to the local European laws.

Collected data

  1. Path name of the current location such as /about/. This shows which pages people visit.
  2. Time on viewport – the number of seconds a visitor actively spends on a single viewport. This gives clues on what content works and what scares people away.
  3. Landing offset the time difference in hours between the current visit and the very first visit. This shows when the visitors come back.
  4. Referring site where the visitor initially came from such as “google.com.“.
  5. Campaign indicator an unnamed query string parameter such as c1 or a param called utm_campaign contanined in the link the visitor clicks. It identifies the various marketing campaigns. Nothing else is collected from the query string to avoid collecting sensitive information.
  6. Conversions — the conversion type (lead, customer, promoter) and the time offset in hours. This information contains the key actions the website owner have decided to track. In customer conversions the amount of exchanged money can also be collected. In promoter conversions, the number of peer invitations can also be collected.

Temporarily stored variables (in sessionStorage)

%tmp — A random string on to bind together all events on a single visit. It doesn't utilize any personal data such as the user-agent or IP address.

%i - An index number of a tracking server. This is used by us for load-balancing and is not related to the behavioral data.

Permanently stored variables (in localStorage)

%v — A JSON encoded string with the following information:

  1. Timestamp of the first and last visit
  2. Total amount of visits
  3. Initial referring site
  4. Initial landing page
  5. Initial campaign code
  6. Conversion status as a digit

This data is used for longer-term retention and conversion reports.

Opting out from Volument analytics

You can disable Volument by enabling the “Do not track” setting on your browser. Here are the instructions for the most popular browsers:

Mozilla Firefox

Internet Explorer

Google Chrome

iPhone and iPads

Android

FAQ: How is this different from Google Analytics?

Google Analytics uses a cookie called _ga to identify you and Google is known to abuse your privacy. Volument, however, doesn't identify people so we’re not profiling user’s or selling their information onwards.

{"style":["/learn/learn","/legal/legal"],"id":"public-policy","desc":"Volument is a special kind of analytics software, that respects your privacy. It is fully compatible with *CCPA, PERC, GDPR*, and the *ePrivacy* directive.","title":"Privacy-friendly analytics","url":"/privacy/","key":"","created":"2020-10-09T06:46:25.263Z","modified":"2020-10-28T07:26:28.716Z","createdISO":"2020-10-09","modifiedISO":"2020-10-28"}