GDPR Compliance

Owned by Olivier Grenet
Last updated: Sept 10, 2024
3 min read

Wedia offer a GDPR compliance on the Portal and Back-end interfaces, and Media Delivery Media players.

Portal

When activated, the users are presented with a cookie banner, where they can choose to opt out of being tracked to external vendors such as Google Analytics, Datadog…

Opting out of internal tracking is not possible : we need to be able to track which content has been viewed, or downloaded by a specific user, in order to comply with regulations.

If they are not opting out, we will track all the assets viewed, downloaded, played by the user using different trackers.

This choice is recorded on the local storage of the browser, and does not expire. To revert their choice, the user must clear the local storage data from their browser.

When the user deletes their account, the analytics records will stay but with an unique identifier that effectively anonymize them (the previous user id that was assigned to them).

Terms of use :

Additionally, a term of use popup can be presented to the user, with a text which can be versioned.

Both cookie consent and term of use acceptation are optional.

  • Cookies : we are using cookies to track the session for the user, and create a unique identifier when the user has not opted out tracking.

  • We use four internal cookies with a unique identifier that expires once the user session is terminated : JSESSIONID, x-wedia-api-token, x-wedia-api-so and x-wedia-api-tk. These cookies serves as technical cookies, essential for the correct functioning of the website and to provide the service offered and requested by the user. If the user has not opted out the tracking, they will also serve as tracking cookies, on that website only, and for the session duration, or longer, if the user has opted in for the “remember me” option.

  • We use technical cookies for ApplicationGatewayAffinityCORS, ApplicationGatewayAffinity, ApplicationGatewayAffinity, ApplicationGatewayAffinityCORS for the clients hosted on Microsoft Azure. Please read here the purposes of these cookies : https://learn.microsoft.com/en-us/azure/application-gateway/configuration-http-settings

  • our customers may decide to add a Google Analytics, Datadog or other tracking cookies on the system, but this is not the default settings. In that case, the DAM portal will also collect the user navigation and behaviour on those tools. Opting out of tracking in the Cookie banner will opt out of all tracking.

Back-office

The back-office offer no opt-out option : the users are tracked for all their actions. These actions include editing, deleting assets and contents, and we need to track these actions for legal purposes.

The only option to enter the back-office is the acceptance of consent to processing.

Media Delivery Players

When using Wedia players to publish assets on third party sites, we are optionally tracking the user behaviour using cookies.

The website where the player is integrated can request to opt out of tracking by embedding the player using the “dnt=true” parameter. In that case, no tracking will be performed, and only technical information will be stored on the player cookie.

This parameter can also be set on a per share basis, with the following option :

 

We record the following information from the anonymous user :

  • session_id

  • user_id

  • account_id

  • session_datetime

  • session_date

  • session_time

  • session_firstuserhit

  • session_geoloc

  • session_navigatorappcodename

  • session_navigatorappname

  • session_navigatorappversion

  • session_navigatorcookieenabled

  • session_navigatorlanguage

  • session_navigatoronline

  • session_navigatorplatform

  • session_navigatorproduct

  • session_navigatoruseragent

  • navigatoruseragent_devicebrand

  • navigatoruseragent_devicefamily

  • navigatoruseragent_deviceisspider

  • navigatoruseragent_devicemodel

  • navigatoruseragent_osfamily

  • navigatoruseragent_osmajor

  • navigatoruseragent_osminor

  • navigatoruseragent_ospatch

  • navigatoruseragent_ospatchminor

  • navigatoruseragent_agentfamily

  • navigatoruseragent_agentmajor

  • navigatoruseragent_agentminor

  • navigatoruseragent_agentpatch

  • session_screencolordepth

  • session_screenheight

  • session_screenwidth

  • session_capabilitytouch

  • session_capabilitygeolocation

  • session_capabilitycanvas

  • session_capabilitystorage

  • session_capabilityvideo

  • session_capabilityjava

  • session_navigatoriemode

  • campaign_id

  • session_screensize

  • session_device

  • session_firstuserhitlabel

  • session_capabilitytouchlabel

 

AI Server Locations for Image Analysis and Processing

Microsoft Servers

Location: Microsoft servers used for image processing are located in the "West Europe" region, specifically in the Netherlands. This location ensures a privacy compliant data management for European clients.

Google Cloud Platform (GCP) Servers

Data Handling: When using Google Cloud Platform's AI servers, images are processed in memory only and are never permanently stored, enhancing data security and privacy. Google Vision datacenters are located in Netherlands (europe-west4).

Wedia DPO

You may contact our DPO at the following email address : dpo@wedia-group.com