GDPR Compliance

Wedia offer a GDPR compliance on the Portal and Back-end interfaces, and Media Delivery Media players.

Portal

When activated, the users are presented with a cookie banner, where they can choose to opt out of being tracked to external vendors such as Google Analytics, Datadog…

Opting out of internal tracking is not possible : we need to be able to track which content has been viewed, or downloaded by a specific user, in order to comply with regulations.

If they are not opting out, we will track all the assets viewed, downloaded, played by the user using different trackers.

This choice is recorded on the local storage of the browser, and does not expire. To revert their choice, the user must clear the local storage data from their browser.

When the user deletes their account, the analytics records will stay but with an unique identifier that effectively anonymize them (the previous user id that was assigned to them).

Terms of use :

Additionally, a term of use popup can be presented to the user, with a text which can be versioned.

Both cookie consent and term of use acceptation are optional.

Back-office

The back-office offer no opt-out option : the users are tracked for all their actions. These actions include editing, deleting assets and contents, and we need to track these actions for legal purposes.

The only option to enter the back-office is the acceptance of consent to processing.

Media Delivery Players

When using Wedia players to publish assets on third party sites, we are optionally tracking the user behaviour using cookies.

The website where the player is integrated can request to opt out of tracking by embedding the player using the “dnt=true” parameter. In that case, no tracking will be performed, and only technical information will be stored on the player cookie.

This parameter can also be set on a per share basis, with the following option :

 

We record the following information from the anonymous user :

  • session_id

  • user_id

  • account_id

  • session_datetime

  • session_date

  • session_time

  • session_firstuserhit

  • session_geoloc

  • session_navigatorappcodename

  • session_navigatorappname

  • session_navigatorappversion

  • session_navigatorcookieenabled

  • session_navigatorlanguage

  • session_navigatoronline

  • session_navigatorplatform

  • session_navigatorproduct

  • session_navigatoruseragent

  • navigatoruseragent_devicebrand

  • navigatoruseragent_devicefamily

  • navigatoruseragent_deviceisspider

  • navigatoruseragent_devicemodel

  • navigatoruseragent_osfamily

  • navigatoruseragent_osmajor

  • navigatoruseragent_osminor

  • navigatoruseragent_ospatch

  • navigatoruseragent_ospatchminor

  • navigatoruseragent_agentfamily

  • navigatoruseragent_agentmajor

  • navigatoruseragent_agentminor

  • navigatoruseragent_agentpatch

  • session_screencolordepth

  • session_screenheight

  • session_screenwidth

  • session_capabilitytouch

  • session_capabilitygeolocation

  • session_capabilitycanvas

  • session_capabilitystorage

  • session_capabilityvideo

  • session_capabilityjava

  • session_navigatoriemode

  • campaign_id

  • session_screensize

  • session_device

  • session_firstuserhitlabel

  • session_capabilitytouchlabel

 

AI Server Locations for Image Analysis and Processing

Microsoft Servers

Location: Microsoft servers used for image processing are located in the "West Europe" region, specifically in the Netherlands. This location ensures a privacy compliant data management for European clients.

Google Cloud Platform (GCP) Servers

Data Handling: When using Google Cloud Platform's AI servers, images are processed in memory only and are never permanently stored, enhancing data security and privacy. Google Vision datacenters are located in Netherlands (europe-west4).

Wedia DPO

You may contact our DPO at the following email address : dpo@wedia-group.com