Recherche avancée

Sur d’autres sites (6149)

• How to increase conversions to meet your business goals

  8 septembre 2020, par Joselyn Khor — Analytics Tips, Marketing
   Through optimizing your messaging, content, or your page layouts, you can increase conversions by getting your visitors through a clear pathway to achieve your business goals.

  Conversion Rate Optimization

  When we talk about optimizing websites to improve and increase conversions, we’re really talking about conversion rate optimization (CRO).

  CRO is the process of learning what the most valuable content/aspect of your website is and how to best optimize this for your visitors to increase its chance to convert. It typically involves generating ideas for elements on your site or app that can be improved, learning which pathways visitors are most likely going to take to conversion and then validating those assumptions through A/B testing and multivariate testing to transform learning into actionable insights.

  Conversion Rate

  The conversion rate is expressed as a % and the goal for any business should be to increase the % of conversions for any given goal e.g. in February a website had 200 newsletter sign-ups from 1,000 visitors on its sign-up page, a conversion rate of 20%. CRO should be used to increase the sign-up rate from 20% to 25%, and then eventually from 25% to 30% and so on.

  CRO cheat sheet

  You need to consider your website or business’ objectives (bigger picture) as well as your website goals (smaller achievements). Whatever the aim of your website, it’s crucial for this to be your starting point. Figure out what you want your website to do and what you want visitors to get from it. When you do that, you’ll know what conversions to focus on.
  

  • Define your business/website’s objectives. Do you want the website to drive sales ? Is the website a hub to raise awareness for a charity ? Do you want to increase readership for your news site ?
  • Define what your conversion goals are. This helps you narrow your focus so you follow a path to meet your overall objectives. By defining these, you clarify for yourself the next actions you should take, such as wanting to funnel users through to a sign up landing page. Then you’ll need to optimize and test your sign up landing page. If conversions are low, then tweak it and measure the results until you find you’ve increased conversion rates.
  • Conversion goals can include :
    • Purchases in your ecommerce store
    • eBook downloads
    • Sign ups to your mailing list
    • Visitors successfully filling in a contact form
  • Figure out what your Key Performance Indicators (KPIs) are and the metrics you need to focus on to achieve them.

  How to increase conversions with Matomo

  1. Set goals
  2. Heatmaps
  3. Session Recordings
  4. A/B test
  5. Form Analytics
  6. Funnels
  7. Behaviour

  1. Set goals

  “Make Sure Goals Are Clearly Understood. To prove the value of an analytics-focused company, any project you take on needs to have clear goals. If you don’t have a goal in mind you’ll fail. Everyone involved in the project needs to be aligned around the goals.”

  A goal is the measure of a successful action that you want your visitors to take. The more goals you track, the more you can learn about behavioural changes as you implement and modify paths that lead to conversions over time.

  

  You’ll understand which channels and campaigns (SEO, PPC, newsletter, blogging etc.) are converting the best for your business, which cities/countries are most popular, what devices are working and how engaged your visitors are before converting. Learn more

  2. Set Heatmaps

  This is vital to show how your visitors are engaging with your website, blog pages, signup and sales pages. If you want to learn how your visitors really engage with your website to increase conversions, Heatmaps lets you see the results visually without any guesswork.

  

  By showing where your visitors try to click, move the mouse or how far down they’re scrolling on each page, you can effortlessly discover how your visitors truly engage with your most important web pages. Rather than guessing, rely on facts to prove if the changes you make actually improve your website or not. Learn more

  How to improve conversion rates with Heatmaps :

  • If you’ve got important information that will sell your service/product or bring you loyal followers, make sure it’s in the hot zones as shown in your heatmaps.
  • Try to rearrange parts of your pages to see if that increases engagement.
  • Make it easy for people to take important actions by having the CTA above-the-fold where 100% of visitors see it. Make sure you don’t clutter this section with too many messages or actions.
  • You can also identify areas to add links as heatmaps shows where people want to click.
  • Find what content is most popular on the page

  3. Session Recordings

  This is a conversion research technique where you learn what your users are trying to do and make sure your website is optimized to give them what they want. With Session Recordings you can playback all the interactions your visitors took on your website, such as clicks, mouse movements, scrolls, resizes, form interactions and page changes in a video. Truly understand how real visitors are using your website and what experiences they’re having.

  Also, by understanding what’s working you’re increasing the usability of your website, Session Recordings allow you to identify problem areas as well as where users are getting stuck. Learn more

  

  How to improve conversion rates with Session Recordings : For example, on a product landing page, you see your visitor highlighting specific words and putting it into search. With this you can observe what they’re trying to find and what they’re actually interested in. As you tweak the page to ensure what the visitor wants can be easily found, you’re taking steps to increase the chance for more conversions.

  4. A/B Testing

  Test anything and test anywhere to increase your conversions. Grow your website by comparing different versions of your landing pages to determine what works best for your users. Subtle tweaks across different versions of your landing pages can have a significant impact on converting incoming traffic.

  

  The changes for each landing page could be :

  • A different headline
  • Less copy vs more copy
  • Different calls-to-action
  • Colour schemes, forms, fonts, links, testimonials,
  • Or, it could be an entirely different page layout altogether.

  The idea is to see if either page A or page B (or C or D) was most successful in getting your visitors to the next step in the conversion funnel. Learn more

  How Matomo used A/B Testing : For our sign up page we tested three different CTAs and found how phrasing words differently could help improve conversion rates. Both “Start improving your websites” and “Start converting more users now” were stronger CTAs and converted 7% more than, “Start my free 30-day trial”.

  5. Form Analytics

  Form Analytics gives you powerful insights into how your visitors interact with your forms (like cart, sign-up and checkout forms).

  

  Online forms can come in thousands of different variations. It’s an area on your website that if not done right, could lead to you missing out on converting a large portion of your visitors. Rely on facts when you change your forms. Learn more

  How to improve conversion rates with Form Analytics : By proving whether your form is doing better when you change it and by how much. This lets you consistently increase form submission rates (conversions) on your website which is crucial to the success of your business.

  6. Funnels

  At a glance you will learn the steps (actions, events and pages) your users go through to the desired outcomes you want them to achieve whether it’s a sale, sign-up or any other particular goal you have defined.

  

  Looking at the entire conversion funnel and focusing on usability, you’ll be able to identify where your visitors are having problems, where they aren’t understanding the flow of your webpages and identify obstacles that get in the way of your users reaching that end goal. Learn more

  How to improve conversion rates with Funnels : Learn what makes your visitors take action (or what stops them) in progressing to the next step in the conversion funnel. At each step, you’ll discover what content/layout resonates with your visitors and you can optimize your website to have the greatest impact on your business.

  TRY IT FOR FREE

  7. Behaviour

  This is one of the most important features to help you optimize your website for conversions. Learning visitor behaviour is a driving force to increase conversions. How ? It lets you identify where you could be taking action to increase conversions. You get to learn first-hand what content or feature on your site is or isn’t working for your visitors. 

  

  Engagement is essential to help increase conversion rates. If your visitors aren’t interested in the content on your site, then there’s very little chance they’ll be interested in what you have to offer. Learn more

  How to improve conversion rates with Behaviour : Get started by reducing bounce rates on important pages, testing messaging on your most popular entry pages, testing on the highest exit pages to reduce visitors leaving the site, learning pathways through Users Flow and Transitions to see if users are taking pathways that lead them to conversions or are the journeys currently long or go in odd directions. Discover how your visitors are responding to your content. The happier your visitors are to stay on your site, the more likely they’ll be able to move through the journey to help you achieve the goals you’ve set for your site.

  TRY IT FOR FREE

  Do privacy-focused industries need conversion optimization ?

  For industries that place extra emphasis on privacy and security, Matomo is a complete analytics tool that can cater for all your needs. You get the full benefits of a web analytics and conversion optimization platform as well as peace of mind knowing Matomo places emphasis on security/privacy and adheres strictly to GDPR.

  If you operate in a data sensitive industry like in government, healthcare, finance, education etc. you can rest assured knowing your user’s privacy is respected and that you will have 100% data ownership.

  Other conversion optimization metrics in Matomo to look at :

  Get a good indication that your conversion optimization efforts are working by knowing where to look and this starts by going through the metrics in your analytics. Below we list how you can make a start.

  “Best” metrics are hard to determine so you’ll need to ask yourself what you want your site to do. How do you want your users to behave or what kind of customer journey do you want them to have ?

  You can start with :

  • Decreasing abandonment rate
  • Decreasing bounce rate
  • Increasing interactions per visit
  • Reducing exit rates on pages that significantly impact your visitors to leave your site
  • Constantly test and learn what content resonates with your visitors
  • Look to advance more users through each stage of the conversion funnel
  • Improve your forms to increase submission rates
  • Always improve the conversion rate % for your goals e.g. if you currently have a 5% conversion rate for selling a product, aim for 10% ; if 30% of your visitors are downloading your e-book, then aim for 40%, then 50% and so on.

  Through optimizing your messaging, content or your page layouts, you will increase conversions by getting your visitors through a clear pathway to meet your website’s goal.

  TRY IT FOR FREE

• Virginia Consumer Data Protection Act (VCDPA) Guide

  27 septembre 2023, par Erin — Privacy

  Do you run a for-profit organisation in the United States that processes personal and sensitive consumer data ? If so, you may be concerned about the growing number of data privacy laws cropping up from state to state.

  Ever since the California Consumer Privacy Act (CCPA) came into effect on January 1, 2020, four other US states — Connecticut, Colorado, Utah and Virginia — have passed their own data privacy laws. Each law uses the CCPA as a foundation but slightly deviates from the formula. This is a problem for US organisations, as they cannot apply the same CCPA compliance framework everywhere else.

  In this article, you’ll learn what makes the Virginia Consumer Data Protection Act (VCDPA) unique and how to ensure compliance.

  What is the VCDPA ?

  Signed by Governor Ralph Northam on 2 March 2021, and brought into effect on 1 January 2023, the VCDPA is a new data privacy law. It gives Virginia residents certain rights regarding how organisations process their personal and sensitive consumer data.

  

  The law contains several provisions, which define :

  • Who must follow the VCDPA
  • Who is exempt from the VCDPA
  • The consumer rights of data subjects
  • Relevant terms, such as “consumers,” “personal data,” “sensitive data” and the “sale of personal data”
  • The rights and responsibilities of data controllers
  • What applicable organisations must do to ensure VCDPA compliance

  These guidelines define the data collection practices that VCDPA-compliant organisations must comply with. The practices are designed to protect the rights of Virginia residents who have their personal or sensitive data collected.

  What are the consumer rights of VCDPA data subjects ?

  There are seven consumer rights that protect residents who fit the definition of “data subjects” under the new Virginia data privacy law. 

  

  A data subject is an “identified or identifiable natural person” who has their information collected. Personally identifiable information includes a person’s name, address, date of birth, religious beliefs, immigration status, status of child protection assessments, ethnic origin and more.

  Below is a detailed breakdown of each VCDPA consumer right :

  1. Right to know, access and confirm personal data : Data subjects have the right to know that their data is being collected, the right to access their data and the right to confirm that the data being collected is accurate and up to date.
  2. Right to delete personal data : Data subjects have the right to request that their collected personal or sensitive consumer data be deleted.
  3. Right to correct inaccurate personal data : Data subjects have the right to request that their collected data be corrected.
  4. Right to data portability : Data subjects have the right to obtain their collected data and, when reasonable and possible, request that their collected data be transferred from one data controller to another.
  5. Right to opt out of data processing activity : Data subjects have the right to opt out of having their personal or sensitive data collected.
  6. Right to opt out of the sale of personal and sensitive consumer data : Data subjects have the right to opt out of having their collected data sold to third parties.

  Right to not be discriminated against for exercising one’s rights : Data subjects have the right to not be discriminated against for exercising their right to not have their personal or sensitive consumer data collected, processed and sold to third parties for targeted advertising or other purposes.

  Who must comply with the VCDPA ?

  The VCDPA applies to for-profit organisations. Specifically, those that operate and offer products or services in the state of Virginia.

  

  Additionally, for-profit organisations that fit under either of these two categories must comply with the VCDPA :

  • Collect and process the personal data of at least 100,000 Virginia residents within a financial year or
  • Collect and process the personal data of at least 25,000 Virginia residents and receive at least 50% of gross revenue by selling personal or sensitive data.

  If a for-profit organisation resides out of the state of Virginia and falls into one of the categories above, they must comply with the VCDPA. Eligibility requirements also apply, regardless of the revenue threshold of the organisation in question. Large organisations can avoid VCDPA compliance if they don’t meet either of the above two eligibility requirements.

  What types of consumer data does the VCDPA protect ?

  The two main types of data that apply to the VCDPA are personal and sensitive data. 

  

  Personal data is either identified or personally identifiable information, such as home address, date of birth or phone number. Information that is publicly available or has been de-identified (dissociated with a natural person or entity) is not considered personal data.

  Sensitive data is a category of personal data. It’s data that’s either the collected data of a known child or data that can be used to form an opinion about a natural person or individual. Examples of sensitive data include information about a person’s ethnicity, religion, political beliefs and sexual orientation. 

  It’s important that VCDPA-compliant organisations understand the difference between the two data types, as failure to do so could result in penalties of up to $7,500 per violation. For instance, if an organisation wants to collect sensitive data (and they have a valid reason to do so), they must first ask for consent from consumers. If the organisation in question fails to do so, then they’ll be in violation of the VCDPA, and may be subject to multiple penalties — equal to however many violations they incur.

  A 5-step VCDPA compliance framework

  Getting up to speed with the terms of the VCDPA can be challenging, especially if this is your first time encountering such a law. That said, even organisations that have experience with data privacy laws should still take the time to understand the VCDPA.

  

  Here’s a simple 5-step VCDPA compliance framework to follow.

  1. Assess data

  First off, take the time to become familiar with the Virginia Consumer Data Protection Act (VCDPA). Then, read the content from the ‘Who does the VCDPA apply to’ section of this article, and use this information to determine if the law applies to your organisation.

  How do you know if you reach the data subject threshold ? Easy. Use a web analytics platform like Matomo to see where your web visitors are, how many of them (from that specific region) are visiting your website and how many of them you’re collecting personal or sensitive data from.

  To do this in Matomo, simply open the dashboard, look at the “Locations” section and use the information on display to see how many Virginia residents are visiting your website.

  

  Using the dashboard will help you determine if the VCDPA applies to your company.

  2. Evaluate your privacy practices

  Review your existing privacy policies and practices and update them to comply with the VCDPA. Ensure your data collection practices protect the confidentiality, integrity and accessibility of your visitors.

  One way to do this is to automatically anonymise visitor IPs, which you can do in Matomo — in fact, the feature is automatically set to default. 

  

  Another great thing about IP anonymisation is that after a visitor leaves your website, any evidence of them ever visiting is gone, and such information cannot be tracked by anyone else. 

  3. Inform data subjects of their rights

  To ensure VCDPA compliance in your organisation, you must inform your data subjects of their rights, including their right to access their data, their right to transfer their data to another controller and their right to opt out of your data collection efforts.

  That last point is one of the most important, and to ensure that you’re ready to respond to consumer rights requests, you should prepare an opt-out form in advance. If a visitor wants to opt out from tracking, they’ll be able to do so quickly and easily. Not only will this help you be VCDPA compliant, but your visitors will also appreciate the fact that you take their privacy seriously.

  

  To create an opt-out form in Matomo, visit the privacy settings section (click on the cog icon in the top menu) and click on the “Users opt-out” menu item under the Privacy section. After creating the form, you can then customise and publish the form as a snippet of HTML code that you can place on the pages of your website.

  4. Review vendor contracts

  Depending on the nature of your organisation, you may have vendor contracts with a third-party business associate. These are individuals or organisations, separate from your own, that contribute to the successful delivery of your products and services.

  You may also engage with third parties that process the data you collect, as is the case for many website owners that use Google Analytics (to which there are many alternatives) to convert visitor data into insights. 

  Financial institutions, such as stock exchange companies, also rely on third-party data for trading. If this is the case for you, then you likely have a Data Processing Agreement (DPA) in place — a legally binding document between you (the data controller, who dictates how and why the collected data is used) and the data processor (who processes the data you provide to them).

  To ensure that your DPA is VCDPA compliant, make sure it contains the following items :

  • Definition of terms
  • Instructions for processing data
  • Limits of use (explain what all parties can and cannot do with the collected data)
  • Physical data security practices (e.g., potential risks, risk of harm and control measures)
  • Data subject rights
  • Consumer request policies (i.e., must respond within 45 days of receipt)
  • Privacy notices and policies

  5. Seek expert legal advice

  To ensure your organisation is fully VCDPA compliant, consider speaking to a data and privacy lawyer. They can help you better understand the specifics of the law, advise you on where you fall short of compliance and what you must do to become VCDPA compliant.

  Data privacy lawyers can also help you draft a meaningful privacy notice, which may be useful in modifying your existing DPAs or creating new ones. If needed, they can also advise you on areas of compliance with other state-specific data protection acts, such as the CCPA and newly released laws in Colorado, Connecticut and Utah.

  How does the VCDPA differ from the CCPA ?

  Although the VCDPA has many similarities to the CCPA, the two laws still have their own approach to applying the law. 

  Here’s a quick breakdown of the main differences that set these laws apart.

  Definition of a consumer

  Under the VCDPA, a consumer is a “natural person who is a Virginia resident acting in an individual or household context.” Meanwhile, under the CCPA, a consumer is a “natural person who is a California resident acting in an individual or household context.” However, the VCDPA omits people in employment contexts, while the CCPA doesn’t. Hence, organisations don’t need to consider employee data.

  Sale of personal data

  The VCDPA defines the “sale of personal data” as an exchange “for monetary consideration” by the data controller to a data processor or third party. This means that, under the VCDPA, an act is only considered a “sale of personal data” if there is monetary value attached to the transaction.

  This contrasts with the CCPA, where that law also counts “other valuable considerations” as a factor when determining if the sale of personal data has occurred.

  Right to opt out

  Just like the CCPA, the VCDPA clearly outlines that organisations must respond to a user request to opt out of tracking. However, unlike the CCPA, the VCDPA does not give organisations any exceptions to such a right. This means that, even if the organisation believes that the request is impractical or hard to pull off, it must comply with the request under any circumstances, even in instances of hardship.

  Ensure VCDPA compliance with Matomo

  The VCDPA, like many other data privacy laws in the US, is designed to enhance the rights of Virginia consumers who have their personal or sensitive data collected and processed. Fortunately, this is where platforms like Matomo can help.

  Matomo is a powerful web analytics platform that has built-in features to help you comply with the VCDPA. These include options like :

  • Cookie-less tracking
  • Creating consumer consent and opt-out forms
  • Giving consumers access to their personal data

  Try out the free 21-day Matomo trial today. No credit card required.

• What is PII ? Your introduction to personally identifiable information

  15 janvier 2020, par Joselyn Khor — Analytics Tips, Privacy, Security
  Most websites you visit collect information about you via tools like Google Analytics and Matomo – sometimes collecting personally identifiable information (PII).

  When it comes to PII, people are becoming more concerned about data privacy. Identifiable information can be used for illegal purposes like identity theft and fraud. 

  So how can you protect yourself as an innocent internet browser ? In the case of website owners – how do you protect users and your company from falling prey to privacy breaches ?

  

  As one of the most trusted analytics companies, we feel our readers would benefit from being as informed as possible about data privacy issues and PII. Learn what it means, and what you can do to keep yours or others’ information safe.

  Table of Contents

  What does PII stand for ?

  PII acronym

  PII is an acronym for personally identifiable information.

  PII definition

  Personally identifiable information (PII) is a term used predominantly in the United States.

  The appendix of OMB M-10-23 (Guidance for Agency Use of Third-Party Website and Applications) gives this definition for PII :

  “The term ‘personally identifiable information’ refers to information which can be used to distinguish or trace an individual’s identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc.”

  What can be considered personally identifiable information (PII) ? Some PII examples :

  • Full name/usernames
  • Home address/mailing address
  • Email address
  • Credit card numbers
  • Date of birth
  • Phone numbers
  • Login details

  • Precise locations
  • Account numbers
  • Passwords
  • Security codes (including biometric records)
  • Personal identification numbers
  • Driver license number
  • Get a more comprehensive list here

  What’s non-PII ?

  Anonymous information, or information that can’t be traced back to an individual, can be considered non-PII.

  Who is affected by the exploitation of PII ?

  Anyone can be affected by the exploitation of personal data, where you have identity theft, account fraud and account takeovers. When websites resort to illegally selling or sharing your data and compromising your privacy, the fear is falling victim to such fraudulent activity. 

  PII can also be an issue when employees have access to the database and the data is not encrypted. For example, anyone working in a bank can access your accounts ; anyone working at Facebook may be able to read your messages. This shows how privacy breaches can easily happen when employees have access to PII.

  Website owner’s responsibility for data privacy (PII and analytics)

  To respect your website visitor’s privacy, best practice is to avoid collecting PII whenever possible. If you work in an industry which requires people to disclose personal information (e.g. healthcare, security industries, public sector), then you must ensure this data is collected and handled securely. 

  

  The US National Institute of Standards and Technology states : “The likelihood of harm caused by a breach involving PII is greatly reduced if an organisation minimises the amount of PII it uses, collects, and stores. For example, an organisation should only request PII in a new form if the PII is absolutely necessary.” 

  How you’re held accountable remains up to the privacy laws of the country you’re doing business in. Make sure you are fully aware of the privacy and data protection laws that relate specifically to you. 

  To reduce the risk of privacy breaches, try collecting as little PII as you can ; purging it as soon as you can ; and making sure your IT security is updated and protected against security threats. 

  If you’re using data collection tools like web analytics, data may be tracked through features like User ID, custom variables, and custom dimensions. Sometimes they are also harder to identify when they are present, for example, in page URLs, page titles, or referrers URLs. So make sure you’re optimising your web analytics tools’ settings to ensure you’re asking your users for consent and respecting users’ privacy.

  If you’re using a GDPR compliant tool like Matomo, learn how you can stop processing such personal data

  PII, GDPR and businesses in the US/EU

  Because PII is broad, you may run into confusion when considering PII and GDPR (which applies in the EU). The General Data Protection Regulation (GDPR) provides more safeguards for user privacy.

  GDPR grants people in the EU more rights concerning their “personal data” (more on PII vs personal data below). In the EU the GDPR restricts the collection and processing of personal data. The repercussions are severe penalties and fines for privacy infringements. Businesses are required to handle this personal data carefully. You can be fined up to 4% of their yearly revenue for data breaches or non-compliance. 

  

  Although there isn’t an overarching data protection law in the US, there are hundreds of laws on both the federal and state levels to protect the personal data of US residents. US Congress has also enacted industry-specific statutes related to data privacy, and the state of California passed the California Consumer Privacy Act. 

  To be on the safe side, if you are using analytics, follow matters relating to “personal data” in the GDPR. It’s all-encompassing when it comes to protecting user privacy. GDPR rules still apply whenever an EU citizen visits any non EU site (that processes personal data).

  Personally identifiable information (PII) vs personal data

  PII and “personal data” aren’t used interchangeably. All personal data can be PII, but not all PII can be defined as personal data.

  The definition of “personal data” according to the GDPR :

  

  This means “personal data” encompasses a greater number of identifiers which include the online sphere. Examples include : IP addresses and URL names. As well as seemingly “innocent” data like height, job position, company etc. 

  What’s considered personal data depends on the context. If a piece of information can be combined with others to establish someone’s identity then that can be considered personal data. 

  Under GDPR, when processing personal data, you need explicit consent. You need to ensure you’re compliant according to GDPR definitions of “personal data” not just what’s considered “PII”.

  How Matomo deals with PII and personal data

  Although Matomo Analytics is a web analytics software that tracks user activity on your website, we take privacy and PII very seriously – on both our Cloud and On-Premise offerings. 

  If you’re using Matomo and would like to know how you can be fully GDPR compliant and protect user privacy, read more :
  

  • Learn how to not process any personally identifiable information – Anonymise IP addresses, user IDs, and order IDs
  • Matomo protects user privacy by talking the talk and walking the walk
  • Stay ahead of the GDPR with a privacy-respecting analytics platform
  • 11 ways Matomo helps you protect your visitor’s privacy

  Disclaimer

  We are not lawyers and don’t claim to be. The information provided here is to help give an introduction to issues you may encounter when dealing with PII. We encourage every business and website to take data privacy seriously and discuss these issues with your lawyer if you have any concerns. 

  Additional resources :

  • https://www.consumeraffairs.com/finance/identity-theft-statistics.html#identity-theft-trends-in-2019
  • https://ec.europa.eu/info/law/law-topic/data-protection_en
  • https://iclg.com/practice-areas/data-protection-laws-and-regulations/usa
  • https://www.csoonline.com/article/3215864/how-to-protect-personally-identifiable-information-pii-under-gdpr.html
  • https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/what-is-personal-data/