Using GTM for ecommerce tracking with the dataLayer option says that a transactionId is required to be passed. How is that information not personally identifying information? The transaction is made by a single user and can therefore be tracked back to that user in our system.
Is the rule about sending PII that it only matters if someone outside of my company can identify the user? It seems very unclear.
I am not a lawyer, but the terms of service say
You will not and will not assist or permit any third party to, pass
information to Google that Google could use or recognize as personally
identifiable information.
Google cannot identify a user from your transaction id, so (it would seemt that) this is in accordance with the TOS.
Your relevant legislation might see transaction ids as PII, and you would therefore not be permitted to store them, but that is outside the scope of general terms of service; you are yourself responsible for staying within applicable law.
Btw. this is not really about the dataLayer and Google Tag Manager, since GTM does not store the datalayer and the dataLayer itself is local to the visitors browser. This is a Google Analytics issue.
Related
I'm new to Xero API's and I'm trying to understand a thing.
In my Company we currently have various different “organisations” within Xero, and this number will be growing in the near future.
We also have a 3rd party web application we use for technical and management data – to which we now would like to add financial data, mostly in the form of exported Xero reports.
We had been looking at the API functionality – however as I understand it Xero is unable to grant a subset of permissions to API calls – i.e. anyone with API access would have the same level of access a standard user – so aside from being able to pull the reports we require, they would also have access to all other data, such as transactional data, account numbers, creation and deletion of invoices etc. etc. Please can you confirm whether this would be the case?
In short terms: we need to restrict the API calls to the reports only, is this possible?
If not, does Xero have a functionality where reports can be automatically exported to an external location – such as a cloud service or an FTP site or similar?
Many thanks in advance
You're correct. Once you connect an app to the API it has access to all the accounting endpoints. Payroll endpoints are the only ones that require additional scopes.
And no, unfortunately there's no way to schedule report exports either. Sorry!
Recently google has added multiple user support to the assistant so how would use the API to identify the person by voice?
It depends what you mean by "identify the person".
There is no way for an Action to get the raw audio, so there is no way for it to do voice printing or anything along those lines.
Although each voice has to be reported against a Google User ID, you do not have direct access to that user ID.
What developers do have access to is a UID that is sent along with each request to your fulfillment server. This UID is consistent across requests, although it can be reset by a user (for example, if they reset their Google Home). You can think of this the same way you think of an HTTP cookie - you can track the UID and, if you see it again, have reasonable assurance it is the same user that accessed it last time. This breaks down, however, for the "default" account on Google Home, since anybody who doesn't have an account will map to this user.
Beyond this, you can also use Account Linking to connect a Google Account consistently to an account in your own system. If you have sufficient authentication in place, or are using one from Google or Facebook for example, this can act as an identity.
There isn't an API for developers to identify users by voice.
We are using the Skype for Business Web SDK in our application to show the presence of contacts.
When the contact is someone inside the user's organisation (and therefore the same AD instance as the user), we register a callback function on the contact's status onChange event and this works well.
However, when the contact is outside the user's organisation (and therefore a different AD instance to the user), we find that the contact's status onChange event never fires and so there is no way to know their status.
The code we are using is as follows:
skypeContactService.subscribeToStatusChange = function (contact) {
contact.status.changed(function (status) {
...
});
contact.status.subscribe();
};
I wouldn't have thought this is a deliberate security measure, because in Outlook Online's Skype for Business functionality you are able to see the presence of external contacts.
So perhaps this is a bug in the Skype for Business Web SDK? Or perhaps it is functionality that hasn't been implemented yet?
Would someone from Microsoft be able to clarify whether there is a plan to enable getting presence for contacts outside of the user's organisation?
Any help would be greatly appreciated!
Federation should be required to see presence and do conversation related activities like IM, Audio, Video. I am not an expert on this side of Skype/Lync, but I would suggest looking over the Federation Documentation as I would argue you have no link to the external users, so you would not be able to see that information.
To solve your exact problem you would need to have federation with any organization that you want to be able to see presence or start conversations.
It could be that they are federated with your organization so they can see your presence information or if they are hosted online (O365), it may be there are alternate APIs that expose presence information without being federated. Are they able to start an IM or A/V conversation with any of your users (it should fail because your side is not federated)?
A client I work with wants to know if it's possible to use the Yodlee API to look up recent transactions on any credit card.
They'd like it to work without the user needing to be signed up with Yodlee, either directly at the site, or indirectly through a branded partner.
I assume this would be possible if the credit card company itself shared it's transaction data with Yodlee directly, and made it available to their API customers, but I haven't been able to figure this out from the docs available on their website, and haven't been able to reach anyone at Yodlee themselves to ask.
I work for Yodlee. Sorry to hear you're having a hard time getting a hold of us. To answer your question, yes the user has to explicitly authorize any application that leverages the Yodlee API and explicitly add access to their financial accounts for that application.
Best,
Grace
Yodlee screenscrapes websites to retrieve it's information.
Which means that they physically (but in an automated fashion) visit the website in a browser (IE8). Thus to pull any information down they have to visit the website, log in successfully, (optionally but more so on more banks; authenticate the computer) and then they can see all of the information that the user sees. Their API acts as a real time bridge between you (the end user using your website or app) and this browser.
So you have to either implement their very much so convoluted Yodlee API or use one of their generic hosted pages and direct the user to it where upon he/she enters the necessary information. You also have to have an agreement with them too. You also have to convince the user to do it :)
I'm using a google events tracker like this:
_gaq.push(['_setAccount', 'UA-1422398-23']);
_gaq.push(['_trackEvent', 'BookingRequest', 'Parent Name', $('#parent_fname').val()+' '.$('#parent_lname').val()]);
In this case, let's say I can track how many requests were submitted.. is there a way to track these specific users, and see the traffic source, and if it's Google, then what keywords they searched my website by?
Basically I want to see the people booking online, and see how and where they got me... and hoping there's a better and more elegant way than to have a field that asks "What did you type into Google to find us?"
Putting fname and lname into GA is a violation of Google Analytics terms of service. See number 7 PRIVACY.
Custom vars can be used to determine user type and/or login status. See Session-level Custom Variables
For example, if your website offers users the ability to login, you can use a custom variable scoped to the session level for user login status. In that way, you can segment visits by those from logged in members versus anonymous visitors.
But, don't try to put the username in GA either:
While the username or user ID is not directly PII, if it is used to tie to a person from a backend system…that’s a violation of the Terms of Service.
To see the traffic source of the events, go to Content, Events, select the event you want, and add the secondary dimension of Traffic Source (just above event title in report).
Here is a Custom Report for Event Labels that drills down by source then keyword. Just log into GA and go to the URL.