Data Collection Practices

Gamera fundamentally believes that a privacy-first approach to the internet is the future and because of this our software does not use cookies.

By deploying Gamera to your site, Gamera collects the following types of event data when visitors visit your site:

• An event name such as pageview, add_to_checkout, purchase, etc
• A date/time of an event
• A random id identifying a single user session
• The http referer sent by the web browser
• The full page url, including url parameters
• The screen size of the device
• The user agent string or user agent helper from the browser
• The estimated Country, City, and/or Zipcode of the visit (provided to us by our CDN provider without us having to process the visitor's IP address)
• Metrics associated with an event such as Ad revenue, product sales, etc

Data Ownership

At Gamera we believe that all data collected from our script belongs to you and as such we will provide you tools to export this data in the same format that we currently store it. We may charge you a small processing fee to export this data in the future.

GDPR Consent and Gamera

Gamera is designed to be deployed without the need for additional GDPR consent. In some instances, depending on how you use our tool, you may be subject to GDPR consent requirements and it is the responsibility of the Site Owner (Gamera Customer) to:

• Seek legal advice to understand their unique situation
• Obtain consent when necessary by law
• Not load Gamera's scripts on site visits where GDPR or other privacy regulations prohibit you from collecting personally identifiable information without consent.

Custom Events and Custom Dimensions

Gamera is an incredibly powerful tool for marketers and site operators. In order to better model and understand your site's performance and user journeys we allow you to create and send custom events and custom dimensions. If you chose to use this feature you must be aware that sending the following types of data within custom events or dimensions could trigger the need to capture GDPR consent:

• a name and surname;

• a home address;

• an email address such as name.surname@company.com;

• an identification card number;

• location data (for example the location data function on a mobile phone)*;

• an Internet Protocol (IP) address;

• a cookie ID;

• the advertising identifier of a phone;

• data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.

  Note that in some cases, there is a specific sectoral legislation regulating for instance the use of location data or the use of cookies – the ePrivacy Directive (Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 (OJ L 201, 31.7.2002, p. 37) and Regulation (EC) No 2006/2004) of the European Parliament and of the Council of 27 October 2004 (OJ L 364, 9.12.2004, p. 1)

  It is recommended that if you chose to use our product to collect any such information that you consult a lawyer and plan appropriately prior to using our product in countries where GDPR applies