Data Privacy (GDPR, PCI, PII)

Feature

Any data collected by Germain UX can be masked, anonymized, or excluded (i.e., not collected) by Germain UX.

AI-driven Detection of Sensitive Data

Germain UX automatically detects information considered sensitive, such as PII (Personally Identifiable Information). And that works for any KPI.

Where to Find Sensitive Data

1. Log in to the Germain UX workspace.

2. Navigate to Analytics > Data Privacy.

Detection of Stored PII

This section lists all data that is not yet hidden and should likely be set as private (either anonymized, masked, or excluded).

Configured Exclusion

This section lists all data that has already been configured as private (either anonymized, masked, or excluded).

Mask

Data is captured as “***” instead of the real value, sent back to Germain Enterprise, and stored in the designated datastore (on-premise or cloud).

Additional Advanced Settings

This option includes the following advanced settings:

• Preserve or ignore the length of the real value.

• Preserve or ignore the whitespaces of the real value.

Examples

• User name “admin” masked with preserved length.

• User name “admin” masked without preserved length

Anonymize

Data is captured as a hashed value instead of the real value, sent back to Germain Enterprise, and stored in the designated datastore (on-premise or cloud).

Example

• User name “admin” anonymized.

Exclude

Data is not captured, stored, or sent back to Germain Enterprise.

Example

• User name “admin” excluded.

• Login form’s inputs excluded

Configuration

Go to Germain Workspace > Left Menu > Analytics > Data Privacy

There are two ways to make a field value more private:

1. Use GermainUX’s AI-driven mechanism, which lists all fields that are potentially sensitive.

2. Manually configure the field of your choice.

From the AI-Detected Field List

For other fields

To add new Data Privacy configuration click :plus: button and pick one option:

• Data Field Exclusion (applies to fields on all data points across the entire system, e.g. user.name, userAgent.family, sessionId, …)

• Session Replay Exclusion (applies to UI/HTML/DOM elements available on UX Session Replay only, e.g. div[id=”credit-card”], input, form, …)

Data Field Exclusion

The following steps show how to add new Data Field Exclusion:

• Go to Analytics > Data Privacy, click :plus: button and select Data Field Exclusion

• Fill in the wizard form:

  • Name*: Data Field Exclusion name

  • Field Name*: Field name to apply the exclusion on

  • [KPI]: Optional constraint on the KPI to apply the exclusion on (if not selected then exclusion will apply to all data points)

  • Type*: Exclusion type

  • [Advanced Settings for Mask option only]:

    • Preserve Length: If true, excluded field value will have the same length as the original otherwise the length value will be randomized, example: If true, original value: admin (4 char. long), exclusion value: **** (also 4 char. long).

    • Preserver Whitespace: If true, will preserve whitespace characters when masking otherwise will skip whitespace characters, example: if true, original value: This is a test, exclusion value: **** ** * ****.

  • [Advanced Settings for all options]:

    • Pattern: Pattern to optionally match exclusion value. Example: "User: (.*)"

The example below shows how to mask username field on all data points without preserving its length and whitespace.

Session Replay Exclusion

The following steps show how to add new Session Replay Exclusion:

• Go to Analytics > Data Privacy, click :plus: button and select Session Replay Exclusion

• Fill in the wizard form:

  • Application Profile*: Which settings profile should this exclusion be added to

  • Name*: Session Replay Exclusion name

  • Element Selector*: Tag name or * wildcard, optionally followed by one attribute constraint. See example for syntax. Example: div[id="credit-card"]

  • Type*: Exclusion type

  • [Advanced Settings for Mask option only]:

    • Preserve Length: If true, excluded field value will have the same length as the original otherwise the length value will be randomized, example: If true, original value: admin (4 char. long), exclusion value: **** (also 4 char. long).

    • Preserver Whitespace: If true, will preserve whitespace characters when masking otherwise will skip whitespace characters, example: if true, original value: This is a test, exclusion value: **** ** * ****.

  • [Advanced Settings for all options]:

    • Pattern: Pattern to optionally match exclusion value. Example: "User: (.*)"
      

The example below shows how to exclude completely input fields which contain credit card information from the UX Session Replay collection.

Form Privacy

Form Policy is a predefined set of rules to exclude from collection sensitive user information entered in form elements. These rules apply to UX Session Replay monitoring only and, once enabled, they can be updated or disabled on demand per UX Monitoring Profile. The following rules get installed when Form Privacy is enabled:

• Form Privacy Mask rule (masking following HTML elements):

  • <input/>

  • <textarea/>

  • <select/>

  • <datalist/>

  • <option/>

  • <[contenteditable]/>

  • <[autocomplete^=cc-]/>

• Form Privacy Exclude rule (excluding following HTML elements):

  • <input type="checkbox"/>

  • <input type="radio"/>

You can enable Form Privacy set of rules when deploying Germain monitoring for the first time:

You can update Form Privacy rules either from global Data Privacy view either from a particular UX Monitoring Profile.

UX Monitoring Profile view

• Go to Germain Workspace > Left Menu > Analytics > UX Monitoring Profiles

• Search for UX Monitoring Profile for which Form Privacy has been enabled (e.g. reactjs2 in this example)

• Select a profile and scroll down in the Editor to Session Replay Exclusions section

• Two rules should be available in default configuration: Form Privacy Mask and Form Privacy Exclude

• Pick one of the rule and edit it

Active Sessions

Go to Germain Workspace > Left Menu > Germain > Sessions

Service: Automation

Feature Availability: 2020.1 or later