Privacy Overview

Overview of what data Adobe Analytics collects and other privacy considerations.

Data Collection Breakdown

Adobe Analytics collects the following data:

Type of Data Does Adobe Analytics collect this data?
URLs of Web Pages within Customer Site Yes
Name of Web Page Yes
Time spent on Page Yes
Time of Day Yes
URLs of Web Pages on Unaffiliated Sites No
Cookie IDs (randomly generated) Yes
URL of page that user was on before visiting customer page Yes
Search query when consumer clicks on link to customer page Yes
Browser Type Yes
Device Type Yes
Operating System Yes
ISP/Connection Speed Yes
Display Settings (such as screen size and resolution) Yes
IP Address (used to approximate location) Yes*
Information consumers provide in forms on customer site Yes
Information consumers provide in forms on social sites No
Whether consumer clicked on ad Yes
Whether consumer clicked on link, image or text on site Yes
Whether consumer downloaded a file, image, etc. Yes
Items consumer purchased Yes
Items left in shopping cart Yes
Social Network Information (including photos, user ID, age, gender, location) No
Personal Information that user provides outside of our services Yes
Ad campaign success rates Yes
Product info, such as colors, prices, styles, photos Yes

*Unless the Adobe customer chooses to remove the IP.

Other Privacy Considerations

Region/Country Consideration
Global Adobe strongly suggests customers refrain from passing personally identifiable information (PII) to Adobe, especially in situations where the PII is not necessary for Analytics.
Global Users need to be provided with notice and choice when profiling. This is required by law in Canada, Australia, the European Union (opt-in for some countries) and many countries in Latin America and Asia-Pacific.
Global If using first-party cookies, Analytics opt-out is unique to a customer; you cannot rely on an opt-out on Adobe.com.
Global First-party analytics are not within scope of the Self-Regulatory Program for Online Behavioral Advertising (“AdChoices”).
Global Cross-device data should not be merged unless tied to an identifier provided by the customer (such as hashed user name).
Global There are likely restrictions placed upon the customer from combining ad impression information to PII.
Europe Most countries in the European Union do not consider analytics cookies strictly necessary.
Europe Adobe has enabled the setting IP-Obfuscation: Enabled - IP Removed (x.x.x.x) by default for all customers with a report suite set in EMEA. With this setting, the IP address will be completely replaced with the value (x.x.x.x) after geolookup and is no longer available as a data point.

This basic replacement method cannot be reverse-engineered back to a unique, specific IP Address. Neither the customer nor Adobe can access the IP address; it is irreversibly anonymized. For more information about other IP obfuscation settings, refer to

https://marketing.adobe.com/resources/help/en_US/reference/index.html#General_Account_Settings

Global A customer can set the cookie lifetime variable in the JavaScript measurement code to a value of „none,“ „session“ or another specified value measured in seconds.
Europe Adobe has developed a new “privacy by design” setting that can now be enabled by Adobe ClientCare for Adobe Analytics (formerly SiteCatalyst) release versions 14.9 and 15.4. When this new setting is enabled, the last octet (the last portion) of the IP address is immediately replaced with the value 0 once the IP address is collected by Adobe. This anonymization is performed prior to any processing of the IP address, including prior to both an optional geo-lookup and ISP-lookup of the IP address.
Germany

If customers do not already have a Data Processing Agreement for Adobe Analytics in place with Adobe, they should contact their Adobe Account Manager or Customer Success Manager, who will work with the Adobe Legal Department to get the DPA in place.

Adobe has prepared a Data Processing Agreement (Vertrag fuer Auftragsdatenverarbeitung – ADV) for Analytics that has been reviewed and approved by the Bavarian Data Protection Authority (Bayerisches Landesamt fuer Datenschutzaufsicht – BayLDA). The ADV is available in German and English.

EMEA Data Center Locations

The following EMEA data centers currently host Adobe Analytics data:

Adobe Name Address Facility Type (Operator) Solution Components Supported Certifications
AMS1

Luttenbergweg 4

Amsterdam 1101 EC

The Netherlands

Colocation Facility

(Equinix)

Multichannel Analytics,

Digital Analytics

ISO9001:2008

ISO14001:2004

OHSAS18001:2007

ISO27001:2005

ISO50001:2011

PCI-DSS

Equinix

LON5

3 Centro

Boundary Way

Hemel Hempstead HP2 7SU

UK

Colocation Facility

(Gyron)

Multichannel Analytics,

Digital Analytics

SSAE 16