Dynamic Yield recognizes the importance of consumer privacy and is pledged to integrate privacy into our products and services. Our commitment to privacy protection is underscored by our compliance with the ISO 27701 standard.
In your capacity as a Data Controller, we equip you with the necessary tools to help you adhere to data privacy regulations. However, it remains your duty to ensure compliance with the applicable privacy and data protection laws in your region (for instance, GDPR or CPRA). Bear in mind that this document does not constitute legal advice.
Personal data that we process on your behalf
Acting as a Data Processor on your behalf, we process personal data to provide you with our products and services. This might include the following types of personal data:
- Geographic information: City, state, country, and postal code, as applicable.
- Audience membership: Based on real-time user segmentation and backend historical calculations.
- IP addresses.
- Online identifiers: Online data collected from your users’ devices, applications, and protocols, such as UDID, cookie identifiers, and other unique IDs that you or Dynamic Yield assign to user devices. This includes the customer unique identifier (CUID) and Dynamic Yield Identifier (DYID).
- Device and browser attributes.
- Page views and interactions.
- User events: As applicable. For example, Add to Cart, or other interactions and engagement you set up.
- Search query terms: As applicable.
-
Information you provide to us (only as applicable):
- Email addresses.
- CRM data and other data that you elect for onboarding (such as gender, status, average order value, number of items ordered, days since last order, net sales, items per order, days since first order, sessions since last order, days since last visit, average inter-purchase time, last order site, loyalty status, and so on).
- Online purchase history on your site.
- Offline purchase history.
How we process users' personal data on your behalf
The Dynamic Yield script generates and manages a DYID, which is a unique random ID for each user who visits your site. This script relies on local storage and cookies for storing this value on the user's browser. The cookie is referred to as DYID and is saved with the key _dyid.
Dynamic Yield does not track users across multiple sites. For each site a user visits that uses Dynamic Yield scripts, a unique DYID is assigned specifically to that user for that particular site. Consequently, if a user visits two separate sites that use Dynamic Yield scripts, two distinct DYIDs are created. These two DYIDs are not associated with each other.
The DYID enables the collection of personal data linked to the user’s activity. See the section Personal data that we process on your behalf for more information.
How we process user email addresses on your behalf
Dynamic Yield may collect users’ email addresses, but only when you voluntarily provide these to us. When we receive an email address that identifies a particular user, we typically hash the address before storing it to protect the user's privacy.
As our customer and the publisher of the website, you provide us with feeds consisting of a single column of email addresses. Dynamic Yield hashes these email addresses and checks for matches among identified users. The original email addresses are stored separately and apart from the rest of the Dynamic Yield data, in a secure and segregated location for added protection.