This article is to help your Data Protection Officer understand how Fresh Relevance integrates with your organisation’s other processors, and how this affects identification and consent.
This is a brief summary of a large topic, if you are new to privacy law we advise you seek legal and protection advice first.
Your organisation is the controller that makes the decisions about using personal data. And Fresh Relevance is one of your data processors, or sub-processors, that carries out your instructions, just like your ecommerce system and your email system (ESP).
Possible integrations involving personal data
Component | Action | PII data transferred |
Website Script | Cookie tms_VisitorID | You must install a 1-line tracking script on all pages of your website, for example, by pasting it into your page content, or using a tag manager. The script uses the
This tracking script works by calling the main Fresh Relevance script as necessary. This passes back data about user actions, for example, products seen or carted, and form data entered. It passes back product data, so Fresh Relevance keeps updated with the current information about your products. It also loads SmartBlocks into Slots as necessary. |
Ecommerce Platform | Import Purchases and Other Activity | Some major ecommerce platforms integrate directly using their API, for example, Shopify, Magento, and View Storefront. You still need the Website Script to handle dynamic content, but it does much less in these cases. |
Purchase Complete Image (or Goal Achieved Image) | Load | Some shoppers click away immediately after they have finished buying. This doesn't allow time for script to run. So, to ensure that that every single purchase is registered and buyers aren't sent cart abandon emails by mistake, you must include a tracking pixel on the purchase confirmation page of your website.
You merge the customer's email address, or numeric email ID, into the query collection, to pass back identity. This image doesn't have indicate a real purchase; if yours is not an ecommerce site, it could be any major goal achieved. |
Triggered Emails | Send | When Fresh Relevance sends a triggered email, it processes business rules that you create to decide which trigger to run and which email to send. It loads some of the recipient's personal data into your choice of ESP - you define field mappings to choose which fields are loaded - and uses the ESP to send them an email.
Identity is usually passed to the ESP using email address, but some ESPs allow a numeric email ID as an alternative, and you could potentially configure Fresh Relevance to not store email address. |
Triggered Emails | GDPR Consent | Provided you follow these ICO guidelines, you don't need consent to send triggered emails. "Sender must meet all three of the following criteria: But you must get specific consent to send newsletters and other bulk marketing emails. Although you may not legally have to check consent to satisfy GDPR, we provide means to check before sending triggers if you want to, and most importantly you should not send emails to anyone who has unsubscribed. There are three alternative methods of checking:
|
Email Personalization | Slots and SmartBlocks | Paste the email version of a Slot into your email and it populates with personal content at open time. The email Slot is a chunk of HTML with image tags that load real-time images formatted by Fresh Relevance at open time. Identity is passed in the query collection of each image tag URL, using a merge code for the email address or numeric email ID. (Learn more) |
Email Personalization | Cart Layout | Typically, the main part of a cart or browse abandon email is stored and formatted in your current ESP - including the header, footer and most of the body copy. |
Web Personalization | Slots and SmartBlocks | Either drag-and-drop a Slot onto your website using our Site Editor, or copy-and-paste the web version of the Slot into the HTML of your website. |
Email and Web Personalization | GDPR Consent | You don't need GDPR consent to do web or email personalization, providing in the case of bulk emails that you have consent to send the emails. Personalization, such as showing people relevant offers and product recommendations, is best done as a legitimate interest because people expect it, it has minimal privacy impact, and it benefits both you and the shopper. |
Triggered SMS | Send | When Fresh Relevance sends a triggered SMS, it processes business rules that you create to decide which trigger to run and which SMS to send. It loads some of the recipient's personal data into your choice of messaging provider. There is no field mapping, so this is is usually only the mobile number plus anything you merge into the message body, and uses the messaging provider to send them an SMS. Identity is passed to the messaging provider using the mobile number. |
Triggered SMS | GDPR Consent | Under GDPR, SMS is treated in a similar way to email in the UK. Other territories differ, for example:
You should take specific advice for other countries.
Provided you follow these ICO guidelines, you don't need consent to send triggered SMS. "Sender must meet all three of the following criteria: But you must get specific consent to send newsletters and other bulk marketing SMS. Although you may not legally have to check consent to satisfy GDPR, we provide means to check before sending triggers if you want to, and most importantly you should not send SMS to anyone who has unsubscribed.
There are three alternative methods of checking:
Lots of resources are available online, for example, see more information for: |
Other integrations involving PII (Optional)
Component | Action | PII data transferred (Optional) |
Identify More Visitors | You can optionally pass identity in click-through link URLs from your marketing emails to your website, which increases the effectiveness of your marketing. To do this, add email address or numeric email ID into the query collection, and Fresh Relevance recognises persons immediately they arrive at your website. | |
FTP | Import Person Data | Files can be retrieved from a secure FTP server, which can be provided by you, or can be arranged by us, and loaded to the Fresh Relevance Person database. |
Firehose | Export Data to Other Systems | Fresh Relevance can export real-time ecommerce data via FTP for your third-party system: ESP, CRM, or Analytics Package such as FastStats. |
Offline Transactions | Import Purchases | Fresh Relevance can load purchase data from a file which you place on an SFTP server. Identity is passed as email address. |
Web Integration | HTML API | The HTML API allows you to pass any information from your web page to Fresh Relevance. It's based around inserting a single hidden HTML tag in your HTML. This is optional but can be useful for advanced integration. Identity could be passed using the |
Web Integration | Javascript API | You can add custom JavaScript to your web pages to pass data to Fresh Relevance. For example, you can raise custom signals from your site using JavaScript to start custom trigger programs. This allows the system to respond to specified actions of your customer on your site, for example, if they ordered a brochure or viewed a particular page. Identity could be passed using the |
Web Integration | Raising Custom Signals | You can raise custom signals from your site using JavaScript to start custom trigger programs. This allows the system to respond to specified actions of your customer on your site, for example, ordered a brochure or viewed a particular page. You can pass data through to the signal, which is available all the way through to email send time, so it can be merged into an email. Identity could be passed using the |
Server‑to‑Server | Integration API | The Integration API allows your systems to retrieve data from Fresh Relevance, and to load data. This is optional, but can be useful for more advanced integration. The Integration API is a REST interface which can be used from most programming and scripting languages. |