Data Privacy
This chapter describes how the SuiteCommerce Analytics Data feature conforms to the NetSuite controls and policies in place for data minimization, deletion, and shopper opt-in or opt-out functionality.
PII and Data Minimization
Personally identifiable information (PII) is data that can be used to determine a person’s identity. PII can range from basic information such as a name, location, or phone number to data that shows a person’s browsing or buying habits. Rules and regulations about PII vary by country, but usually include strict guidelines covering personal information acquisition, storage, and removal. Also listed are guidelines about who can access PII data and the length of time that data is kept.
A common theme is collecting the least amount of data needed to accomplish the task at hand. This theme is often called data minimization.
The following topics describe how NetSuite works to follow these PII guidelines.
Data Retention
NetSuite applies guidelines to ensure aging analytics data is deleted on a timely basis. The deletion methods used prevent the data from being recreated, accessed, or read.
-
Time-based Deletion — Shopper analytics data is deleted six months after it is collected.
-
Related Record Deletion — If a shopper’s customer record is deleted, that shopper’s analytics data is deleted six months after the record deletion.
-
Deletion by SuiteCommerce Customer — Customers can delete their shopper’s customer record in NetSuite.
Customers cannot delete the End User Identifiable Information (EUII) data saved in temporary data stores. Temporary EUII data is automatically removed from NetSuite after 30 days plus an offline index retention period.
-
Deletion by NetSuite — Authorized NetSuite personnel can delete shopper data upon receiving a request from the shopper or the SuiteCommerce customer.
Customers and shoppers cannot delete the EUII data saved in temporary data stores. However, this data is automatically removed from after 30 days.
Data Security
Overall access to shopper data is restricted to authorized NetSuite personnel with safeguards limiting the amount and types of data various personnel can access. Access to data that is specific to a SuiteCommerce web store is determined by the web store owner’s administrator and by NetSuite.
Data Portability
The SuiteCommerce Analytics Data feature provides customers with various methods for obtaining structured, machine-readable data output that they have permitted to be uploaded and stored in NetSuite.
-
Analytics data is stored as NetSuite records. The NetSuite platform supports multiple methods for exporting record data.
-
Customers can use NetSuite’s Saved Search and Workbook Analytics features to export analytics data in CSV format.
Data Availability
To ensure availability of shopper analytics data stored in NetSuite, information saved to customer or contact records is stored in the Oracle database with all other NetSuite customer data.