I would like to ask about Personally identifiable information (PII) since Foundry can get data from the apps that we build.
We have a project that is supposedly would work offline (no internet connection needed to access all the features of the app). And we just store the non-personal data in the device's storage.
I noticed that even when we don't pass any custom metrics, the foundry has it's own metrics capture for users, like device OS, IP address, device ID, etc...
Our company's definition of PII is this:
"If unique identifiers can be linked to an individual, either directly or indirectly, they would fall under the category of personal data."
My question would be, of all the data that foundry gets for the reports/metrics, is there any that would fit that description? I am worried about the IP address, Device ID can be identified to a specific user.
We have settings in App server console (admin console) to protect PII data, The GDPR Policy section provides settings that enable the protection of the Personally Identifiable Information (PII) of a user. When the settings are enabled, data such as the User ID and the IP Address is not stored in the integration server logs. Additionally, a flag variable is sent to the metrics pipeline along with the PII to protect the data.
Please refer this documentation, and refer the attached screenshot.
In addition to the data provided in the earlier reply about GDPR setting, particularly answering your question about deviceID.. it is a randomly generatedID for metrics purposes when the app is installed and not a PII. IMEI and AndroidID which are unique to device are not used as deviceID.