Data protection FAQ
All about cookies
What are cookies? A cookie is a small file placed onto your hard drive by the server of the website you’re visiting. It contains several data elements:
- The name of the server who placed it
- A non-nominative identifier in the form of a unique number
- An expiration date (in France, a cookie’s lifetime cannot exceed 13 months)
This information is sometimes stored on your computer in a simple text file, which servers may access in order to read and save data.
Are there different types of cookies?
“First-party” and “third-party” cookies refer to the website or domain issuing the cookie: “first-party” cookies are associated with the domain of the site you’re visiting, and “third-party” cookies are associated with a separate domain. For example, if you visit an AT Internet customers’ website, the site might place a “first-party” cookie on your browser, or a “third-party” cookie from AT Internet.
In both cases, the reasons for using the cookie remain the same as explained above.
How do cookies help visitors?
With cookies, websites can customise a user’s browsing experience online for more streamlined and personalised interactions.
How do cookies help us at AT Internet?
What information does AT Internet collect via cookies?
All data we collect gives us insights into users’ browsing and behaviour on our websites, and the websites of our customers. Some examples of the types of data we collect:
- number of visitors
- repeat visits
- number of page views
- time spent on each page
This information helps us to gauge users’ interests, and then improve website content and usability accordingly.
Where is this cookie data stored?
All cookie data collected by AT Internet is stored in the European Union.
Who has access to this data?
Only you and AT Internet have access to the AT Internet’s audience measurement cookies.
How long do AT Internet’s cookies stay on my browser?
AT Internet’s cookies remain active during a set period of 13 months. AT Internet keeps raw data collected via cookies for 6 months.
Can cookies carry viruses?
No. Most all cookies are strings of text – they contain data and are not executable programs, so therefore cannot harm your computer.
What is the “opt-out cookie”?
When you refuse to allow data collection about your navigation on a web or mobile site, you must accept an “opt-out cookie” in order for this preference to be remembered on your browser. This ensures that your opt-out request can be recognised and remembered for each subsequent visit.
If you refuse the placement of all cookies on your browser, the quality of your user experience may be lessened, as certain cookies are essential for certain sites to function correctly. To avoid this problem, you may simply accept AT Internet’s “opt-out cookie”, which will allow us to recognise your wish to not be tracked, while still permitting you to enjoy a normal user experience.
Please note, if you do not accept the “opt-out cookie” (or if you delete it), we will not be able to recognise your opted-out preference, and will therefore continue to collect data about your browsing activity.
How can I disable AT Internet cookies?
You may adjust your preferences at any time and submit your choice to either enable or disable AT Internet cookies on this page.
By clicking “I wish to OPT OUT” you will automatically receive the “opt-out cookie” (no action required from you), which will allow us to recognise your wish to not be tracked on sites measured by AT Internet.
To cancel this choice and delete the “out-out cookie”, you may simply select the “I wish to OPT IN” option. The sites (measured by AT Internet) you visit will be able to track your navigational activity.
Removing or blocking cookies is done at the browser level. Depending on your browser(s), please visit the following page(s) for help with managing your cookies:
- Microsoft’s Windows Internet Explorer (select your browser version)
- Microsoft’s Windows Internet Explorer Mobile
- Mozilla Firefox
- Google Chrome for desktop
- Google Chrome for mobile
- Apple Safari for desktop
- Apple Safari for mobile
Please note, this list is not exhaustive. If you use a different browser, please explore your specific browser’s settings to manage and delete cookies.
What is a mobile ID?
A mobile ID is a unique identifier enabling a device (smartphone, tablet, etc.) to be recognised in a unique manner.
Are there different types of mobile ID?
Yes, depending on the operating system, there are different IDs available to mobile app publishers. For example, UUID, IDFV or IDFA exist for Apple’s iOS, and UUID, Android ID or Advertising ID exist for Android.
What information does AT Internet collect with the mobile ID?
As with cookies, Mobile ID permits us to track information such as visitor data, visit data, page view data, etc.
Geolocation & IP addresses
How do you geolocate desktop visitors?
We use IP addresses to identify the geographic locations of website visitors at a regional level (or in some countries, at the city level).
How do you geolocate mobile visitors?
To geolocate mobile users’ devices, AT Internet may use two methods:
- IP address: We collect the IP address depending on how the user’s mobile device accesses the Internet – either via a WiFi access point, or the nearest 3G/4G cell tower.
- GPS coordinates truncated to two decimal degrees: These coordinates are then converted into a graphic representation (heatmap). Coordinates are never displayed in our customers’ online interface.
How and when are IP addresses truncated?
Upon client request, IP addresses are truncated before geolocation happens. We will truncate the last octet (the last 3 digits) and only retain the truncated IP address.
By default, truncation (removal of the last octet) is automatically applied to the IP addresses of Internet users visiting the websites of:
- our German subsidiary AT Internet GmbH’s customers
- our customers who have subscribed to the “cookie consent exemption” option offered by AT Internet SAS (France), in agreement with the CNIL (France’s data protection authority, the Commission Nationale de l’Informatique et des Libertés)
How long do you store this data?
IP addresses and GPS coordinates are raw data; we therefore conserve them for 6 months.
Data Protection Officer
What is the role of a Data Protection Officer (DPO)?
A Data Protection Officer is a person in charge of the protection of personal data processed by an organisation (whether it’s a company, governmental body, etc.). This relatively new role has become much more prevalent due to the GDPR.
The DPO is a true “conductor” in terms of ensuring his/her organisation’s compliance with data protection requirements. The DPO is responsible for several missions:
- inform and advise the data controller or data processor, as well as its employees
- ensure European and national data protection regulations are respected
- advise his/her organisation on privacy impact assessments (PIAs) and verify they are carried out correctly
- cooperate with the supervisory authority and act as the point of contact for this authority
In which cases is an organisation required to designate a DPO?
Per article 37 of the GDPR, a data controller or data processor must designate a DPO if:
- processing is carried out by a public authority or body
- their core activities require regular and systematic monitoring of data subjects on a large scale
- their core activities require processing (on a large scale) of “sensitive” data or data relating to criminal convictions and offences
In all other cases, it is strongly recommended to designate a DPO. Keep in mind that each EU Member State has the freedom to make DPO designation mandatory. For example, Germany has maintained its requirement for DPO designation for all organisations with 10 or more employees.
Who is AT Internet’s DPO?
AT Internet has designated a DPO at the group level, Nicolas Boudillon.
Our German subsidiary also has its DPO, Louis-Marie Guérif.
Each DPO can be contacted:
- By mail: AT Internet, DPO, 85 avenue JF Kennedy 33700 Mérignac, France
- By email: dpo(a)atinternet.com
- Via the contact form available
Legislation on personal data
What European legislation is currently in force?
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (commonly known as the “GDPR”)
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning privacy and electronic communications, amended by Directive 2009/136/EC of 25 November 2009
How does AT Internet apply the GDPR?
AT Internet has made a practical guide available to its customers, which explains in detail how to ensure GDPR compliance within the framework of AT Internet solution usage.
For more information on the guide, customers may contact our Support Centre.
Does AT Internet apply any other legislation?
Yes. AT Internet respects and applies the legislation currently in force in Singapore:
- Personal Data Protection Act 2012 (“PDPA”): Governs the collection, use, disclosure and care of personal data.
- See all of Singapore’s personal data protection legislation
Additionally, AT Internet GmbH (AT Internet’s German subsidiary) has been certified every year since 2010 by TÜV Saarland, a renowned independent German certification organisation. TÜV Saarland recognises that the data collection and processing procedures associated with AT Internet’s solution comply with data protection and security standards.
Data quality certifications
We guarantee reliable and secure data for our customers with the most demanding data protection requirements. Our commitment to transparency is also demonstrated by the international seals and certifications we have earned from various regulatory bodies, in France and worldwide:
ABC – United Kingdom
ACPM (OJD France)
AT Internet has received the ACPM/OJD seal for certification of web and mobile site traffic data. This seal indicates that AT Internet responds to the following criteria: executes tagging practices as a “third-party measurer” and strictly applies the definition of a visit. If you are interested in OJD certification, please contact us.
KIA-INDEX – Sweden
Our digital analytics solution is certified by KIA-index for traffic measurement on web and mobile sites. KIA-index is a joint industry committee with representatives from across the Internet industry, and is also part of the Association of Swedish Advertisers. Each month, KIA-index lists traffic volume data for websites, mobile sites and apps that have elected to be included in the KIA-index list. This list is widely recognised and has obtained a high level of confidence in the Swedish digital advertising industry. If you would like your web, mobile or app traffic to appear in the KIA-index, please get in touch with us.
Terminology & definitions
Please consult our glossary for explanations and definitions for terms related to data privacy and digital analytics.
Get your analytics GDPR-ready
Learn how to fully respect users’ privacy and rights while still making the most of your audience data.
Here’s your all-inclusive rundown of the main aspects of the GDPR at the one-year mark – make sure your web analytics is compliant!
Get more in-depth information about how AT Internet’s digital analytics solution is GDPR-compliant.
We'll give you a call
Our digital analytics experts will be happy to give you a call and answer all your questions. Just give us a few details about yourself below.