On the 25th May 2018, the European Union’s (EU) new data protection framework, the General Data Protection Regulation (GDPR), came into effect.
This is a significant piece of data protection legislation that impacts any organization that processes personal data in connection with good/services offered to an EU resident, or monitors the behaviour of persons within the EU.
deltaDNA offering are fully compliant, We have reviewed our processes in line with the regulation requirements. We identified and implemented a number of minor changes.
Summary of changes
Please do take the time to read this through as you may need to take some action to maintain your full functionality of your account on the platform.
If you have any queries about GDPR or the steps you need to take, our support team is standing by ready to help, please contact [email protected]
The changes in summary
|Area of Impact||Description||Action By|
|1||S3 Archive||Event order within files is changing||Completed|
|2||S3 Archive||Start using your bucket rather than ours Remember to turn on encryption on your bucket||Completed|
|3||Collect / Engage||Migrate Collect and Engage requests to https rather than http as games are updated||Completed|
|4||Direct Access||Migrate connection to SSL||Completed|
So what does this mean?
1. S3 Archive
Event ordering within files is changing:
Archive files continue to be saved in the same compressed .csv format but are no longer guaranteed to maintain eventID ordering. This has now taken effect.
2. S3 Archive
Start using your bucket rather than ours:
Storage Location: From 31st March 2018 we will no longer be storing your event archives in an S3 bucket on the deltaDNA Amazon account, but will send them directly to your own Amazon S3 bucket which you will be responsible for maintaining, please see Amazon S3 Pricing
You will find more information on configuring your S3 Archive location on the Archived Data page.
Encryption: Please make sure you have encryption enabled on your S3 bucket
Warning: If you don’t update the storage location, your archive files will be deleted, and no new data will be archived. Any customer archive data in legacy folders has been scheduled for deletion.
3. Collect and Engage
Migrate to https rather than http moving forward
Collect / Engage HTTPS encryption:
- All deltaDNA SDKs have been updated to ensure that they only send data over secure HTTPS.
- Legacy deltaDNA HTTP endpoints will not be disabled, data sent to them will still be accepted. However, you are advised to update your SDK and REST API usage to secure HTTPS as you update or patch your game. Legacy implementations that cannot be updated can continue to send data to HTTP
- Any 3rd party providers sending attribution or CRM notification data to the deltaDNA Rest API should migrate to HTTPS
4. Direct Access
Migrate connection to SSL
Direct Access SSL encryption: Connection to Direct Access from 3rd party tools such as R or Tableau un-encrypted connections will be disabled. You will need to update your connection setting to use SSL. It is a simple change in your connection settings that should only take a minute or two to configure. If you experience any SSL connection issues please contact [email protected] and let us know the name and version of the tool, driver and the operating system that you are using.
You might also find the following information useful with regards to the GDPR:
- The anonymous userID generated and used by deltaDNA SDKs is not a personal ID. You therefore do not need consent for running deltaDNA analytics if you use our defaultID.
- We make every effort to ensure that all the data held by deltaDNA is secure and perform regular penetration tests
- Our servers are located within the EU
- You must ensure that you are compliant as either a data processor or controller
- deltaDNA SDKs contain a ForgetMe() API that should be used if a user no longer wishes to be tracked and would like to be forgotten. This will stop the SDK from sending/receiving any further information to/from the Platform, as well as initiating a data deletion request on behalf of the user. The SDK will continue to work as it normally would, without any additional work required. If the game supports changing of users then calling StartSdk(userID) with a new user ID or ClearPersistentData() will restore the previous SDK functionality.
- Data deletion requests will be accepted at [email protected] and will be responded to within 30 days, however, the game client or server will be responsible for ensuring that new data from the player does not continue to be sent.