Zeotap accepts both hashed as well as Raw PII (Personally identifiable information) into your Zeotap account. However, we understand the sensitivity of storing and using PII data across the various channels of activation. Hence, we provide a very secure environment to store and use your PII data within your Zeotap access.
This topic provides you with a view into the onboarding of Raw PII data into Zeotap and how Zeotap treats and stores this information securely within your account.
Raw PII can come from any source like flat files, javascript, pixels and mobile SDKs. The common steps to be followed for any source type is to define your Raw PII in your org’s catalogue.
Note:Flagging the raw PII fields in your org’s catalogue is a critical step and is the responsibility of the org.
For streaming sources, some additional implementation level steps are required to pass the raw data through our native sources like Web Js, GTM, pixel tags. Follow the steps as mentioned in the respective links below.
Any data that is marked as Raw PII in your organisation’s catalogue, is encrypted before ingesting and storing it in our graph or Big Query table. The PII information is masked across the UI for all roles once it is classified by you in your organisation’s catalogue. The encrypted data is only available to the downstream systems for activation purposes.
Note:Zeotap uses the RSA Encryption Algorithm as the encryption algorithm.
If any channel (source) accepts or requires only raw PII IDs like email addresses or phone numbers to execute the campaign set up by you, then the system decrypts and pushes such information as per the set-up and as required by the selected channel (Source).The channel qualified for the raw data push is flagged as Accepts Raw PII in the channel set-up as well as the channel selection screen. Hence, look out for this flag to identify such channels at the time of activation.
When data is pushed to any destination that requires raw PII data, the data is encrypted at the field level in the database and decrypted during the upload process. Since the destination does not receive encrypted PII, no key is required because the destination prefers the data in raw format.
Your data in the BigQuery or GCS buckets can only be accessed by users who have the role of a Client Admin and Editor in Collect. However, for the purpose of debugging or product support, the Zeotap representative can raise a request to the Admin of the account. Only after the approval of this request, the Admin gets timed access to your BigQuery or GCS bucket.
