GDPR Compliance & Cookie Notices Policy
- What data does the Veracity platform capture on our website?
The Veracity platform tracks all activity carried out on your website by your website visitors, including mouse movement, interaction with page elements and navigation throughout the site.
By default, without any further action, the only personal information Veracity capture, as per the current UK General Data Protection Regulation (GDPR) is the IP address of the visitor. At your specific request, the Veracity platform is also able to capture additional personal data submitted through forms on your website.
- What’s the precise purpose of why we’re collecting the data?
The Veracity platform collects data for two purposes:
1) to report on journeys on the Veracity platform dashboard for our clients;
2) for tracking patterns of behavior, for training data detection models that may indicate invalid traffic or bot activity.
Veracitysoft Limited is a corporate member of the Data & Marketing Association (DMA) in the UK and bound by DMA best-practice guidelines on the capture, use and storage of personal information. You can review the Veracitysoft Limited DMA corporate registration here.
- Where is the data stored (i.e. UK or EEA or elsewhere)?
All data is stored solely in the UK on the Amazon Web Services (AWS) cloud. AWS UK datacentres are UK Gov validated; please click here for more information. All data is stored on encrypted drives at rest, and encrypted using TLS during communication, conforming to current security best practices.
- How long is the data kept?
The Veracity platform keeps identifiable data for a maximum of 6 years. After 6 years, all identifiable data is permanently removed.
The exception to this is if our customer (an agency) or our customers’ customer (the agency’s customer) ask us to remove their account and/or data, we will permanently remove the data at that point.
- Where does Veracity fit with Cookie Consent software?
The Veracity platform does not fall under the scope of analytics in terms of GDPR due to the above and can be treated as a requirement of your site operating normally, in the interest of bot & fraud prevention.