Managing PII

Personally identifiable information or PII is any data that could identify a specific customer, like email, phone or names. As the controller of the data, you hold profiles including PII that you had decided to collect. Therefore, it is your responsibility to keep the data safe and to handle it appropriately.

What counts as PII?

There is not a definite list of what data should be considered as PII, however, you can be sure that the following customer attributes should be flagged:

  • Name
  • Address - Street/ZIP (you can keep city and country)
  • Email
  • Phone number
  • Date of birth
  • Link to any social networks profiles
  • Any other sensitive information that could lead to the identification of the customer, especially if it is not needed for analytics purposes.

Remember that even if the data collected would not be considered PII when looked at separately, they might collectively constitute personal data when looked at as an aggregation.


Good to know:

All customers' IDs (hard & soft) are by default handled as PII by the system.

Our data flow

Customer data flows through our CDP after tracking and can be used for both analytics and campaigns, managed and processed within Bloomreach Engagement. This diagram helps to illustrate the path of your customer’s PII.


Access minimization

In your Bloomreach Engagement project, you may have multiple users, who can access customer data. It is important that only the most trusted users of your Bloomreach Engagement project have access to the PII of your privacy and the safety of the data. To make PII of your customers visible only to some users there are two steps. Firstly, flagging which data is to be considered PII and secondly, granting your users an appropriate access right.

Flagging PII

  1. To flag which data is PII, first, go to Data & Assets > Data manager > customer properties or events tab. The tab you select depends on which PII you would like to flag.
  2. Hover over the attribute you want to flag as PII and click on the lock icon.
  3. Click Save changes.
    *Note that for events, you need to click on an event to expand the list of its attributes and then you can flag PII individually.

Granting access to PII

In the access management, you can create different categories (or "roles") of users and grant each specific access rights. Only the users whom you grant the rights to view personal data can see the data that you had flagged in the previous step. Read more on this in the Access Management article.


Remember to periodically review the access rights in your projects. This includes deleting all consultants, integrators, and employees who do not work on the project anymore.

The users without the Personal data access will only see stars in the place of PII. In the following images, you can the customer filter of a user who has restricted access rights and where registered, cookie and email are flagged as PII as a result.


Similarly, the information will be invisible to the user in the customer profiles.


Rectifying incorrect PII

In case there is incorrect information in a customer profile, you can change it either directly in the customer’s profile in Edit properties or by importing updated data.