Solved

What shall we use to uniquely identify users (also in relation to GDPR)

  • 4 May 2021
  • 1 reply
  • 87 views

Badge +1

Hi All!

What kind of ID do you use to uniquely identify users cross-product?

We want to store the Google ID (the OAuth Subject, technically speaking) of users in order to be able to identify them. 

Is that a problem in relation to GDPR?

Would we need to ask Amplitude to delete analytics records in case the user ask us for data deletion?

Could we work around that, by using a hash of the ID instead, so there is no direct connection to a (deleted) user?

Thank you for suggestions!

Lukas

icon

Best answer by Saish Redkar 4 May 2021, 19:06

Hey @lukeamp ,

As long as you are able to identify a unique user in your analytics stack using an internal unique identifier, you should be good. I’m not fully sure how the Google ID works, but if you can tie it back to a user on your end and resolve user identity that should work I think. ( I’m assuming the user would use the same login mechanism across your products? )

Here’s what Amplitude recommends -

“ A user ID should be something that does not and will not change. If it does, Amplitude will have no way of knowing it's intended to represent a currently-existing user, and will instead assume it stands for a separate user.”

More on tracking unique users can be found here.

W.r.t GDPR, I would recommend not storing any particular user PII in Amplitude as a user_id ( like email id ) or a user property if it can be avoided.

When a user asks you to delete their data, you will have to tie the user identity to whatever user_id you are using and send a call to the User Privacy API. This will delete that user’s historical event data and all user properties for that user in Amplitude UI and backend system databases, but their Amplitude ID and user_id will still persist in the UI. 

 

Hope this helps!

 

 

 

View original

1 reply

Userlevel 6
Badge +4

Hey @lukeamp ,

As long as you are able to identify a unique user in your analytics stack using an internal unique identifier, you should be good. I’m not fully sure how the Google ID works, but if you can tie it back to a user on your end and resolve user identity that should work I think. ( I’m assuming the user would use the same login mechanism across your products? )

Here’s what Amplitude recommends -

“ A user ID should be something that does not and will not change. If it does, Amplitude will have no way of knowing it's intended to represent a currently-existing user, and will instead assume it stands for a separate user.”

More on tracking unique users can be found here.

W.r.t GDPR, I would recommend not storing any particular user PII in Amplitude as a user_id ( like email id ) or a user property if it can be avoided.

When a user asks you to delete their data, you will have to tie the user identity to whatever user_id you are using and send a call to the User Privacy API. This will delete that user’s historical event data and all user properties for that user in Amplitude UI and backend system databases, but their Amplitude ID and user_id will still persist in the UI. 

 

Hope this helps!

 

 

 

Reply