We’d like to set up Floodlight Counter/Sales tags in the Piwik Tag Manager; however, we must remain HIPAA compliant and I’m concerned about sharing user data with Google via the Floodlight tag. Does Piwik do anything to mask or hash user data (especially IP address) before it is sent to Floodlight?
Hi!
By default, our Floodlight tags only send information about the user agent (which includes identifying the application/browser, operating system, vendor). You are of course able to add custom variables to it, but that’s not included by default.
Hi,
let me add some basic information here:
- you cannot mask the IP from any request that gets sent directly from the browser without some kind of proxy in between. That’s how the internet works
- a tag management system should not be responsible for what an external script does when it loads after there is sufficient consent to to so. Even CMPs that actively block requests when there is not consent would not try to change request payloads before they are sent
- If you want to control what exactly gets sent to which vendor, a server-side component will be necessary. Even then, too much redaction can lead to useless signals for the recipient.
- most marketing tags use the IP actively for attribution.
Hope that helps for clarification, even if I cannot answer exactly what happens to your data, when you try to feed a Floodlight tag with altered IP information (because I never tried),
best
Markus