When a user interacts with Bloomreach Engagement, their data is processed. This article explains:
- What data is processed
- Why it is processed
- How are the retention periods set
- What is the legal basis for the processing
- How you can exercise your GDPR-granted rights
Bloomreach Engagement collects and processes the following data categories about its users:
- Metrics monitoring the application performance during your session such as page load time.
- Metrics monitoring in-app interactions and engagement such as actions, clicks, or invitations.
- User details including name, company name, email, phone number, position, or country.
- Device details such as device type, os, browser tracking identifier (cookie or Google Analytics ID), IP, longitude, or latitude.
Bloomreach Engagement collects the data mainly for the purpose of gathering insights into how the users interact with the app, which parts of the application are or are not used, and how are they interacted with by different types of customers. The gathered data allows us to evaluate the problems that the users might be facing and it also helps us prioritize the features where the users might benefit most from an upgrade. This ensures Bloomreach Engagement can continuously improve itself, enhance its performance, and add new functions where it would be most valuable.
The data about the users' interaction with Bloomreach Engagement is collected and processed under legitimate interest defined in Article 6(1)(f) of GDPR.
Bloomreach Engagement retains the users' information for the period necessary to fulfill the purposes outlined above as specified by GDPR or for the time-periods specified in the Service-level agreement. If a longer retention period is required, it may be extended if the law and the SLA allow for it.
The users can exercise their right of access, deletion, or specification in relation to the data Bloomreach Engagement collects. If you want to read more about the exercisable rights go to the Individual Rights article. If you want to exercise any of them you can fill out a request on the Control Your Data site.
If an Bloomreach Engagement user exercises their right to deletion, it will result in the deletion of their whole Bloomreach Engagement account and their access to the application. This is inevitable because the processing of the data, such as email, address, and phone numbers are necessary for keeping the account and the application secure.
To protect the users' personal data, we utilize the baseline Bloomreach Engagement security for all the collected and processed information. The baseline includes:
- PII anonymization;
- Need-to-know basis and review of access;
- Utilization of Bloomreach Engagement Access Management tools.
You can read more about our commitment to safeguarding your data in the Security Commitment.
Updated 3 months ago