Data Privacy

Data protection

The data of our customers is at the core of our business. We strive for the best possible protection of this data. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we’ve put appropriate physical, technical, and organizational procedures in place to secure our systems. See below for details.

Access control 

Our customers individually control access to the data that germainAPM has access to. Only users who are members of a monitoring environment’s administrative groups are able to grant or revoke access to collected data. How these roles are managed and the available options for managing access control in germainAPM are explained in detail in the online germainAPM documentation.

When a customer requires support from germainAPM, authorized germainAPM employees can be granted access to view customer data, restricted by a strong “need to access” policy. All such authorized germainAPM employees are bound by strict confidentiality agreements.

Monitoring & audit logging 

All systems operated by germainAPM are subject to health and security monitoring, audit logging, and automated analysis of system logs. When germainAPM support is requested for remote installations, access to customer systems is recorded by audit logs.

Data encryption 

All electronic communication sent to and from germainAPM over HTTPS relies on TLS encryption on port 443. germainAPM’s components (Agent, Chrome Extensions, Dashboard, Engine, Enterprise Server, JS Script, Mobile Application), which are installed on-premise, encrypt all data before it is sent to the germainAPM Server. Metric and transaction data is also encrypted at rest, and each customer’s data is programmatically partitioned from the data of other customers.

Data retention periods

germainAPM stores and retains different types of monitored data from your environments. The monitoring data is stored on the germainAPM Server. The following table shows the general retention periods for germainAPM, both on-premise and in the cloud.

Data retention by type 

Data type | germainAPM Cloud | germainAPM on-premise | Storage
Raw Data | Configurable, with maximum 365 days of retention time | Configurable, with maximum 365 days of retention time | Proprietary
Aggregated Data | Configurable, with maximum 365 days of retention time | Configurable, with maximum 365 days of retention time | Proprietary

germainAPM users can delete germainAPM data at any time. If a user deletes an issue, the related support archive and analysis report are deleted from the germainAPM datastore and the AWS S3 bucket immediately. The analysis result in germainAPM Health Control is deleted after 30 days.

Personal data captured by germainAPM

germainAPM captures a lot of end-user data from monitored environments. This data can potentially include sensitive personal information, personally identifiable information (PII), and data that is sensitive to an individual end user.

This page provides information about potential sources that may include personal and sensitive data and how to configure capturing and masking rules in order to comply with data privacy and data protection laws and regulations, such as GDPR (Europe), California Privacy Act (CCPA), and Brazilian General Data Protection Law (LGPD).

In germainAPM, masking happens at three different stages:

  • Anonymized, encrypted or excluded: data is either anonymized, encrypted or excluded (not captured) by the germainAPM component before it is sent to germainAPM Enterprise.


germainAPM compliance with GDPR for EU citizens

Companies use germainAPM products to monitor the performance and quality of services such as web and mobile applications. germainAPM doesn’t, by default, track personal data, but such tracking is possible depending on individual environment configurations and the applications that they are monitoring. For these reasons, germainAPM is and must be GDPR compliant.

Data controllers and data processors 

GDPR differentiates between data controllers and data processors.

  • A data controller determines the purposes and means of the processing of personal data. Such companies, including those that use application performance monitoring, must ensure that personal data is collected and used in accordance with regulations.
  • A data processor processes personal data on behalf of a data controller. germainAPM, for example, processes personal data for its customers in the course of providing application performance monitoring. Data processors must ensure that stored personal data is protected.

Real User Monitoring (RUM) and personal data 

The recording of personal data is acceptable under the General Data Protection Regulation (GDPR) as long as the data collection is proportionate. A data controller must:

  • Record minimal personal data and process it safely.
  • Adhere to obligations that ensure rights, such as the right to information and the right to be forgotten.

When germainAPM products capture personal data, it’s typically through the use of Real User Monitoring (RUM), also known as User Experience Monitoring (UEM), using germainAPM’s JS Script, germainAPM’s Chrome Extension and/or germainAPM’s Mobile Application.

RUM captures performance metrics from inside a user’s browser and offers the ability to identify and track each user session, including entire click paths. This information is needed to monitor performance, provide high-quality service monitoring, and quickly resolve issues when problems are detected. For more details, see What personal data is captured by germainAPM?

What our software does with personal data:

  • RUM mainly captures URLs and IP addresses, as required for performance management. RUM can be configured to capture usernames, user IDs, and other personal data to provide better detail about user sessions that experience performance problems.
  • RUM tracks click paths but it doesn’t track personal data such as birth dates, social security numbers, credit card numbers, pictures, and social preferences (unless explicitly configured to do so). This is because germainAPM products are focused on clicks, response times, and service communication, not specific input values.
  • Collected data ages out and is automatically deleted over time, typically within a few weeks. So, an EU citizen’s “right to erasure” is handled by default.

User notification of data storage 

Customers are required to be transparent with their users and inform them of the ways in which they collect and use their users’ information (typically by way of a Privacy Notice). Where customers engage any third parties to collect information about their users on their behalf (such as germainAPM), whether for the purposes of application and behavioral analytics or otherwise, this should be made transparent in their Privacy Notice.

We, therefore, recommend that customers review and update their Privacy Notices before using our products and services. If customers wish to explain more about what germainAPM is and what information we collect, customers may refer users to our Privacy Policy.

Real User Monitoring privacy settings 

germainAPM recommends the following RUM settings (assuming that these settings aren’t superseded by other legal requirements faced by your organization).

Unintended data collection 

Through improper implementation or configuration, it’s possible that a web application may perform unintended data collection. It’s the responsibility of each organization to ensure that personal data is captured responsibly.

If you become aware of any unintended data collection, or have any concerns about data privacy, please contact us at info@germainAPM.com so that we can look into the details and work with you on a resolution.

Session Replay 

Session Replay records all interactions that a user may have with your application. To avoid capturing sensitive user data, Session Replay comes with a variety of configuration options such as form field masking, content masking, and attribute masking.


How germainAPM provides GDPR compliance 

germainAPM products provide support for GDPR compliance in the following ways:

  • Right to be informed: Users may want to understand what data is collected about them. germainAPM products have query functions that support this, and session results can be exported to formats such as JSON for analysis.
  • Right to erasure (also known as the right to be forgotten): Users may want their data to be deleted. Session data has a relatively low retention period, and GDPR gives data processors 30 days to process each customer request.
    • For germainAPM® Cloud, the data retention period is 7 days.

Note: You can exclude or anonymize data for specific users that are identifiable by criteria such as IP address or user tag. See Data Exclusion and Anonymization (log on to germainAPM > left menu > analytics > data privacy) to learn how.

  • Right to restrict processing: This is supported by the “exclude” feature and the requirement that users accept RUM tracking before JavaScript is injected into their browsers to enable RUM.
  • Right to data portability: Users may want to change platforms and take their data with them. Users have no need to export their click paths and import them into other web applications.
  • Right to rectification or objection: Users may want to change address information or fix incorrect information.
  • Data protection: GDPR specifically requires that state-of-the-art mechanisms be implemented to protect personal data.
    • germainAPM Cloud deployments encrypt all customer data by default and therefore fulfill this requirement as a data processor.
    • For germainAPM on-premises deployments, the operators are responsible for using appropriate protection such as transparent hard-disk encryption.

Custom privacy policy for germainAPM Real User Monitoring

Privacy policy 

You’re free to redistribute the policy language below for use within your organization’s own data-privacy and cookie policies for web applications.

Web applications 

Privacy notice

We use germainAPM to gain insights into the performance of our web application and to understand how our users navigate through it. germainAPM captures data like W3C timings, button clicks, link clicks, JavaScript errors, browser types, and geographic regions. This data helps us to continuously improve the performance of our offering and to identify and fix functional problems. For this to work correctly and effectively, germainAPM requires use of a set of cookies.

If you’ve enabled the cookie opt-in setting and explicitly request user consent for tracking, then it’s recommended that you use the following language in your organization’s cookie policy:

Capture performance data opt-in

Allow germainAPM to capture performance data related to button clicks, page loads and web requests that are triggered along my journey through this web application. This enables germainAPM to analyze application usage, improve performance, and address any troubles that may arise. Accepting this setting also enables germainAPM cookies.

If you’ve enabled the RUM setting for considering do-not-track headers, it’s recommended that you use the following language in your organization’s privacy notice:

Anonymize personal data

You can enable your browser’s built-in do-not-track feature to ensure that no personal data is captured.

Mobile applications 

Privacy notice

We use germainAPM to analyze usage patterns, optimize performance, and troubleshoot issues related to this app. Personal data may be captured during the course of monitoring. We won’t share or sell any personal data. This data is utilized only for analyzing app usage and performance.

What data is collected? germainAPM captures data related to button clicks and web requests that are sent by this app. Error messages and stack traces are captured when crashes occur. The only personal information germainAPM collects is the email address you use to log into this app.

Please note that email addresses aren’t captured out-of-the box. If you don’t use tags to tag your users for user-session analysis, you can omit the last paragraph in the notice above. If you record other personal data, you should document your guidelines for protecting those data.

With mobile apps, you can enable user opt-in mode initially and then begin monitoring only those users who have explicitly given their consent to share their usage data. When user opt-in mode is active, the germainAPM JS Script for Mobile starts with monitoring disabled. Monitoring must then be enabled manually via an API call for each user, following their consent to your privacy policy.

If your application uses opt-in mode, you may re-use the following text blocks to create a privacy settings page in your app that explains the privacy controls that relate to germainAPM mobile application monitoring. Each text block describes a toggle button that allows a user to store their preferences. Whenever the user changes their preferences, you can use mobile agent API calls to control the data collection level and whether crash reporting is enabled or disabled.

Capture performance data

Allow germainAPM to capture performance data related to button clicks and web requests that are triggered along my journey through this app. This enables germainAPM to analyze application usage, improve performance, and address any troubles that may arise.

Anonymize personal data (on|off)

Don’t include my personal data (for example, my email address) in reported data

Crash reporting

Allow germainAPM to collect crash reports, including stack traces and error messages. germainAPM uses this information to resolve problems that you may encounter while using this app.

Data privacy and exchange in On-Premise deployments

germainAPM On-Premise component administrators have access to a number of data-privacy settings that affect the sharing of sensitive end-user data.

  • See the Data privacy section for information on privacy settings that suit your organization’s needs.

All germainAPM On-Premise components exchange information with germainAPM Enterprise, at least once, or periodically.

  • See the Data exchange section for information on data that germainAPM receives from and pushes to your components.

You may want to opt-out of certain communications, such as allowing germainAPM to proactively access your components and environments. However, some messages are mandatory and can’t be switched off.


Data privacy 

All settings are enabled by default. Proper configuration of these settings depends on the unique needs of your organization. In addition to pro-active support settings, you’ll also find settings related to new Community-user setup and domain name management. Please see below for details on the available controls.

To ensure GDPR compliance, you must be aware of what personal data is captured by germainAPM and you must configure germainAPM to protect personal data.

  • To configure data privacy settings within your On-Premise environment, go to Analytics > Browser & UX, Data Privacy or URL Privacy.

Note: You must have component administrator privileges to access the Preferences page.

Pro-active support 

germainAPM On-Premise provides fully automated self-management capabilities that keep your system secure, reliable, and up-to-date. To achieve this, germainAPM needs to send certain information to germainAPM Enterprise.

Report usage and billing information

Each germainAPM On-Premise component reports license-relevant consumption data such as number of host units, custom metrics or log monitoring for each environment.

Report germainAPM component health

germainAPM components send status information, including component IDs, privacy flags, time zones, traffic levels, and maintenance windows. Server state, including the number of CPU cores, CPU load, and used/free storage, is reported on a per-component basis.

Report component events to germainAPM Enterprise

For each event, components send type, severity level, time stamp, and description detail so that germainAPM can remotely analyze and address problems or incompatibilities in your environment. When disabled, your organization is responsible for monitoring system events and collecting log files necessary for problem resolution prior to contacting germainAPM.

germainAPM deployment health monitoring

Each germainAPM On-Premise installation contains a germainAPM component that provides self-monitoring of component health.

Allow germainAPM remote access to environment monitoring settings

In the case of detected events, germainAPM can remotely check the monitoring settings of your component configuration.

Allow germainAPM to change your configuration

When enabled, germainAPM can remotely optimize your environment’s monitoring settings to ensure optimum performance and stability.

Privacy 

Report information about monitored technologies and feature usage

germainAPM proactively sends alerts for incompatibilities or technology-specific risks related to your environment. germainAPM can report information about installed germainAPM component versions, process technologies, hosts and other related entities and configurations. The retrieved information may be used for support and to improve germainAPM offerings. germainAPM may use this data (if aggregated and it can’t be used to identify end users) for industry analyses, benchmarking, and analytics. Learn more about how germainAPM sends information about monitored technologies in your environment.

Help us improve germainAPM for your users by sending usage data from browsers

germainAPM uses Woopra (a customer-analytics provider headquartered in San Francisco, California) to analyze the usage of germainAPM On-Premise and provide customers with a better experience. Woopra utilizes cookies that are stored on each end user’s computer. Thereby, information such as IP address, geolocation, browser or device type, along with user-action details within germainAPM On-Premise, is captured. Disabling this setting prevents such usage data from being sent.

Use Enterprise as email notifications sender

Enable your own SMTP server to determine how germainAPM delivers email notifications, reports, and other communications to users and administrators.

  • To configure your own SMTP server, log into the Component Management Console and go to Settings > Emails > SMTP server.

You can find more information on configuring your own SMTP server in Configure an SMTP server connection.

germainAPM community 

Create germainAPM Community user account upon login

The germainAPM Community provides an Internet forum for customers and digital performance experts to connect with each other and share ideas. Registered users can ask questions and view answers at germainAPM Answers and create support tickets.

Integrate germainAPM Help and Answers user-forum content into in-product search results

The search bar in the germainAPM UI can be used to query external content in both the germainAPM Answers user forum and our online documentation. When disabled, users must search these sites independently to find answers to their questions.

Manage domain name & SSL certificates 

Enable this setting to generate a domain name (a subdomain of germainAPM-managed.com) with a trusted certificate for your germainAPM On-Premise component. Certificates are downloaded by HTTPS (REST API) via Enterprise.

Enable management of domain name and SSL certificates

Enable this setting to generate a domain name (a subdomain of germainAPM-managed.com) with a trusted certificate for your germainAPM On-Premise component. All users in your environment can then access germainAPM at <prefix>.germainAPM-managed.com. Please note that this process may take a few minutes. Once complete, you’ll be able to access the new URL. Disabling this option results in SSL certificates and the component URL being rolled back to the previous version. Remember to update your SSO IdP settings with this URL.

Data exchange 

The following information transparently documents the mandatory data that germainAPM receives from your germainAPM On-Premise component. Note that all communication between components and germainAPM Enterprise is encrypted and always component-initiated. germainAPM isn’t able to initiate a connection to customer components.

Installation 

Frequency: Once during installation and during every upgrade
Component request: License key
Enterprise response: Account name, license name, germainAPM components installation flag (true/false), germainAPM components download URL

Registration 

Frequency: Once (after first startup)
Component request: License key, component ID
Enterprise response: Registration status, username, password

License 

Frequency: Once every 60 minutes
Component request: No component request
Enterprise response: License status, component ID, license key, license details, license model

Health check 

Frequency: Once every 5 minutes
Component request: Component ID, privacy settings, time zone, traffic size, update/maintenance window. Each component node adds technical details including OS name and version, number of CPU cores, CPU load, total RAM, free RAM, total disk storage, used storage, server state, master node flag (true/false), and startup time stamp. Each component adds its version, OS name and version, status, certificate issuer, and type (e.g., beacon forwarder).
Enterprise response: Health status, message

Consumption 

Frequency: Once each hour
Component request: Component ID, consumption timeframe. Each environment adds the number of new problems, RUM sessions, and synthetic monitors. Every host adds a category, a list of monitored technologies, and monitoring timeframes. For each synthetic monitor, the ID, description, type, success count, failure count and action count are transmitted. See Export licensing data.
Enterprise response: Status, remaining RUM sessions, consumed RUM overage, host units overage, remaining synthetic monitors, consumed synthetic monitors overage. For each environment, its ID, consumed RUM sessions, consumed synthetic monitors, and host units are returned.

Heartbeat 

Frequency: Once each minute, or every 5 minutes if remote access is disabled
Component request: Component ID, node ID, source type (e.g., server)
Enterprise response: Remote UI request flag (true/false), Websocket URLs

Updates 

Frequency: Once each hour
Component request: No component request
Enterprise response: For component updates: version, description, download URL, size. For germainAPM components and JavaScript tag updates: label, version, download URLs.

Note

We never send host names or other information that may compromise your component’s security.