Data Security
Policy for the Luxifer data collection script
- Where is the script going to run?
- It depends on how you install it, so you have control over this.
- Generally, frameworks have a way to install the script on every page in the header section for convenience.
- This means the script runs on the front-end in the browser of your end-clients.
- If you’re using google tag manager or a similar solution, there should be a way to omit pages if necessary.
- What is the script going to read?
- Personally Identifiable Information (PII) outlined in our Privacy Policy under “Data of your end-users“
- In depth information on this PII on Matomo official docs
- Clicked Element information – tag type, attributes, classnames, timestamp, url it was clicked on, matomo visitorId that clicked on it.
- In the case of a text box or a dropdown, it will NOT collect the content that the user entered.
- What are the access rights needed for the script?
- The script requires JavaScript to be executable on the end-client browser
- The script requires the ability to communicate with our Azure server and Google Cloud Platform infrastructure via navigator.sendBeacon
- The script requires the ability to download a script from JsDelivr (main script) and run third party scripts (Matomo tag manager)
- The script requires access to read and write Matomo first party cookies. A full list is available here. Note: hsr & uid cookies are not used.
- The script requires access to read and write Luxifer first party cookies. These can be seen in the Privacy Policy under “Data of your end-users“
- Where is the script sending its gathered information (for the reports)?
- Matomo information (PII) is sent to our Azure server where our Matomo instance is self-hosted.
- Element information (also PII) is sent to a Google Cloud Platform endpoint which validates the data, and then sends it to an internal function that saves it in Firestore.
- Who’s going to be using (and responsible) for the script?
- Your developers are responsible for installing the script.
- Luxifer developers are responsible for updating, maintaining and securing the script.
- One option is to have subresource integrity (sha384) for added security. This adds responsibility for the your developers to re-install the script to update. Updates to this script rare, but SRI adds a layer of security and prevents tampering.
- The other option is to automatically pull the latest version of the script, but less recommended.
- Who can modify the script?
- The first part is the script we give you (Not recommended to modify)
- This can be modified by the developer that installs it.
- Modifying it will change the percentage of customers tracked, the associated project and the main script that is loaded.
- We do a redundant check for both the project id and the website the data was sent from. We drop the data in the case of a mismatch.
- The second part is what is sent to you via JsDelivr (main script).
- This can only be modified by Luxifer developers.
- This is implemented with subresource integrity (sha384) to ensure it hasn’t been tampered with.
- The first part is the script we give you (Not recommended to modify)
- Is this script a read only or can it modify the website directly?
- Outside of adding scripts to capture data or assist in capturing data, Luxifer does not modify your website.
- The exception is A/B testing, which DOES modify your website directly.
- A/B testing is optional and requires a different script to be installed.
Policy for use of AI/LLMs
- Is the technology in use external or internal?
- We fully manage and configure an Azure Cloud instance which is considered internal. We do not own the physical infrastructure.
- The technology is hosted within our Azure Resource Group and contains:
- The APIs built using Azure Functions.
- The Azure OpenAI instances.
- The Blob Storage for output files.
- What are the hosting locations in regards to use of AI?
- Our instance of Azure OpenAI is hosted in Sweden, and is physically located in Gävle and Sandviken.
- The function endpoints are hosted in France, and is physically located in Paris.
- The blob storage is hosted in France (general use) and Sweden (Personas).
- You can access more information about the compliance and standards for data centers in France here, and in Sweden here.
- Does Luxifer or OpenAI use any of your information for training their models?
- Luxifer generates an in-house model based on PII solely to classify future traffic into your “Personas”. These are cohorts of your users used throughout Luxifer.
- These personas are unique and exclusive to your project. The data is not used to train Luxifer models outside of this context, or interact with data of other projects.
- The model is a file that can be loaded into the LLM and is not used outside of the context of generating & classifying personas. It is not used to interact with data of other projects, for training, or outside of this context.
- OpenAI as a company does not have access to any of your data or our models and as such cannot use them.
- Please see the full statement in regards to data privacy given by OpenAI.
- Does OpenAI as a company have access to any data provided to Luxifer?
- Since we use an internal model of Azure OpenAI, no data goes externally to the company OpenAI.
- What data is stored by Luxifer in regards to AI/LLM use?
- Logs for debugging, security & compliance.
- Inputs including any PII are discarded after use.
- General use data is used for Luxifer processes and unrelated to customer data.
- Data stored for Personas (models) is aggregate data and is only used to classify future traffic of that project.
- Data stored for Persona enrichment (business context) is aggregate data and is used to tailor personas to your website goals.
- If a customer requests for data deletion, what is deleted?
- The models generated for Personas.
- Logs for debugging, security & compliance.
- The persona data itself (name, picture, type, etc)
- Data mapping visitors to personas. (Existing users will no longer be personas)
Cloud Hosting Geography
| Provider | Usage | Location(s) |
|---|---|---|
| Firebase | Storage | Belgium (eur3) |
| Google Cloud Platform | Collection, processing | St. Ghislain, Belgium (europe-west1) |
| Microsoft Azure | Collection, processing, and storage | Gävle and Sandviken, Sweden |
| Microsoft OpenAI | Processing | Gävle and Sandviken, Sweden Paris, France |
Changelog
| Version | Changes |
|---|---|
| 2025-09-02 | Added HTML anchors and Geography section |
| 2025-08-21 | Added to AI policy #5 – saving of business context |
| 2025-07-19 | Initial version. Includes policies for data collection script and AI/LLM use. |
