fusedeck

Data privacy

Why can fusedeck® also be used without user consent?

The GDPR requires a legitimate reason for processing personal data. This reason may be provided by the consent of a user, for example. The ePrivacy Directive demands user consent for cookies or other identifiers to be saved on the user’s computer (apart from technically required cookies).

  • fusedeck® does not normally process any personal data. If you as a customer decide to have personal data processed via fusedeck®, this processing will only occur in the European Union or in Switzerland.
  • A data processing agreement is established between the customer and fusedeck®.
  • fusedeck® does not use the data for its own purposes and also does not pass on the data to third parties in any manner.
  • fusedeck® does not combine data across different websites.
  • IP addresses are anonymized by default.
  • In fusedeck®’s cookieless mode, no cookies or other identifiers are used that are stored on the user’s computer.
  • fusedeck® offers the user an option to opt out. This is integrated into the customer’s privacy policy.

The use of fusedeck®, without user consent, has been reviewed by lawyers specialized in data protection at Steiger Legal (Report 1, Report 2).

Why is this important?

The use of cookie banners increases the bounce rate on websites by up to 40%. This means that users you have already acquired may be lost again, without you having been able to generate value from them. This increased bounce rate also raises the cost of media purchasing for you considerably. What’s more, depending on how the consent banner is implemented, you lose 50% to 80% of the tracking information which prevents you from being able to make data-driven decisions.

The consent rate will continue to fall, since nudging has been declared unlawful in a court ruling by the Rostock State Court (September 9, 2020, case 3 O 762/19). Accordingly, the rejection of cookies has to be collected at exactly same place as the acceptance of cookies; it may neither be hidden in a cookie banner behind settings nor rendered less visible in any other way (e.g. via the font color used). Wherever possible, you should therefore try to avoid consent banners.

Cookieless tracking / server side tracking

fusedeck® offers three tracking options to reflect internationally diverse data protection rules (e.g. GDPR, CCPA and the ePrivacy Regulation). The technology can be used to adapt to the relevant requirements: classic full cookie tracking, cookieless user tracking or cookieless session tracking.

In the case of full cookie tracking, an identifier is persistently written onto the user’s device in order to recognize the device and user again in the future. Here, a fusedeck® consent management platform, compliant with data protection requirements, can be connected upstream to place cookies on the user’s device only when consent is given. With cookieless user tracking, there’s no persistent access to the user’s device. Instead, a reliable user ID is generated. With cookieless session tracking, individual users are not tracked and the data is collected and processed granularly on session level.

Session scoring enables consent to be retrieved from the user individually, resulting in a high approval rate for the processing of personal data when consent is requested at the right time.

Data ownership

No data collected with fusedeck® is shared with third parties. The first-party approach is paramount at fusedeck® and customers have full control on whether and with whom data is shared. Moreover, fusedeck® does not use the collected tracking data for its own purposes. For every single tracking property, it is possible to determine which data (e.g. individual subpages or based on defined events and triggers) is collected to what extent (e.g. user tracking, session tracking, visibility, scrolling, and clicks) with the fusedeck® technology.

Data storage

fusedeck® uses cloud-based services for fast and secure data provision. The central storage location for all tracking data is located in the European Union or alternatively in Switzerland. Further locations for data storage, such as the USA or Asia, are also possible on request. All data is stored in encrypted form.

Data security

fusedeck® is proprietary software that is developed and controlled entirely and exclusively by our development team in Zurich, Switzerland. Besides the software, the IT architecture is also managed by our teams. This way, fusedeck® is independent from third parties and has control over security updates and can quickly respond to potential security issues.

All data is protected against unauthorized access by the latest security methods, including two-factor authentication or tokens in API communication. Plus, the fusedeck® user interface provides full control on which user roles receive access to data and to what extent. Inactive users are automatically logged out after a certain period of time.

Shared / Owned Stack

fusedeck® offers two kinds of data collection and processing: the shared or owned stack. The shared stack utilizes the cost efficiency of the fusedeck® cloud, while the owned stack – in addition to a white label domain with your brand (e.g. fusedeck.YourCompanyName.de) – also offers a physically dedicated cloud cluster suitable for especially high-traffic platforms or customers with advanced security requirements (e.g. banks and public institutions).

Performance

For us, it’s important that tracking data is reliably collected and provided in good time. That’s why fusedeck® technology is based on modern, future-oriented IT infrastructure. fusedeck® tracking technology is data-efficient with its encrypted socket connection and does away with inefficient and incomplete pixel requests.

We rely on secure and scalable computing capacity in the cloud, enabling us to offer the optimal performance in terms of computing speed and costs – from data collection and data processing to the provision of tracking data automatically and when required.

Privacy / GDPR

fusedeck® can be used to create a GDPR compliant set up and can fulfil the data protection requirements of the European Union (EU). You decide which tracking solution should be used (e.g. full cookie tracking or cookieless session tracking) and can obtain the necessary consent from the user with the fusedeck® consent manager at the time when the consent is required.

The integrated event and tag manager decides on the basis of the consents provided which tracking tags as well as cookies may be used. In addition to the consents, there are also integrated opt-out solutions, retention and deletion features as well as reporting for data information at the user level, which can also be set as event-driven in the fusedeck® user interface.

We would be happy to show you how you can use fusedeck® for your business.