Manage personally identifiable information

Accessing and processing of Personally identifiable information (PII), such as contact emails, is regulated by the law in multiple key markets. Thus, it is important for account and data center administrators to be able to manage which Sitefinity Insight users have access to the visitors PII.
For more information about PII in Sitefinity Insight, see Personal data collected, processed, and stored by Sitefinity Insight.

In this article, you learn how to manage access to contact information and what data is available to you, if you are using an account without the permission to access PII.

Accounts without PII access

If you are using a Sitefinity Insight account, which does not have permission to see PII, you have the following restrictions:

• If you navigate to a report that contains contact emails, you see obfuscated emails.
  The affected reports are Personas, Lead scorings, Segment discovery, and Contacts.
• The Contacts report has PII-related fields removed, such as name, country, company, job title, gender, address, and phone. The e-mail address is obfuscated.
• If you use any Sitefinity Insight API calls, which return contacts PII, the PII-related information is either obfuscated or the API call returns status code 403.
  For more information, see the documentation for every particular call for description of its behavior.
• You cannot export contacts.
• You cannot perform operations, such as deleting or exporting personal data.

Your can manage whether Sitefinity Insight users can access PII when you invite them. Both account administrators and data center administrators can manage whether the users they invite can access PII. The following limitations apply:

• Account administrators can always access PII, because the Sitefinity Insight security model assumes that they have full access to the data stored in the account.
• If a data center administrator cannot access PII, they cannot grant this permission to newly invited users. This is to prevent escalation of privileges.

  For more information, see Invite users.

Sitefinity Insight administrators can see the PII access permissions for the user accounts they manage.

If you are an account administrator, in Sitefinity Insight, navigate to Administration » Users.
The table column Access visitors PII displays the access permissions for each Insight user account. The following options are available:

• Not allowed
  The user account cannot see the PII for any data center they can access.
• Allowed in <list of data centers>
  The user account can see the PII for some of the data centers they can access. The names of the data centers are displayed in the table.
• Allowed
  The user account can see the PII for all data centers they can access.

If you are a data center administrator, to check your permissions to see PII, perform the following:

1. In Sitefinity Insight, navigate to Administration » Data centers.
2. Click the name of the data center that you want to manage.
3. Click Access.

In the table, you see the column Access visitors PII with the following options:

• Allowed
  This user account can see the PII for visitors stored in this data center.
• Not allowed
  This user account cannot see the PII for visitors stored in this data center.