Data Privacy Features

Coveo Relevance Cloud System Administrator Security Documentation
In this article

We’re aware that our customers may have to comply with multiple privacy laws and regulations around the world. We have therefore implemented privacy features within our hosted services in order to help our customers navigate through the requirements outlined in those laws.

See below for an overview of some privacy features embedded into Coveo’s platform that take into account the common privacy principles outlined in privacy laws (e.g., data subject requests, removing of personal identifiers).

Sections in this article:

Usage Analytics and DSR

Coveo customers that wish to fulfill a Data Subject Request (DSR) within our platform can use APIs. Only Coveo users using API keys with distinct privileges may communicate with Coveo UA to handle DSRs. To enable full access to all Coveo UA features, the privileges to administrate UA data, export UA data, and delete user data are required. Coveo customers will then directly interact with Coveo, which fulfills the request without human intervention from Coveo.

Users that perform an action resulting in a usage analytics event are automatically attributed a usage analytics user ID such as alice.smith@example.com-google. For an anonymous user, the user ID defaults to a visitor ID such as 29fb0d0a-b5eb-4c20-aff0-9d282df11569.

The Usage Analytics Read API, under User Statistics API - Version 15 and up, exposes the GET /v15/users/{userId}/overview endpoint. This enables returning all usage analytics data related to a given user identified by their userId for a given organization.

GET https://analytics.cloud.coveo.com/rest/ua/v15/users/{userId}/overview?org={organizationId} HTTP/1.1

Accept application/json
Authorization Bearer {accessToken}

Where you replace:

  • {userId} with a unique identifier corresponding to an end user whose personal data you want to consult.

  • {organizationId} with the unique identifier of the target Coveo organization.

    The org parameter is only required when authenticating the call using an OAuth2 token.

  • accessToken by an API key or OAuth2 token granting the Administrate privilege in the target Coveo organization, if not already done.

User ID Masking

Coveo UA allows its customers to mask the User ID following the steps below described.

  • When using Coveo JavaScript Search Framework, set the anonymous option of the Analytics component to true.

    <div id="search" class="CoveoSearchInterface">
  <div class="CoveoAnalytics" data-anonymous="true"></div>
</div>

  • When using the Usage Analytics Write API directly, set the anonymous property to true whenever logging search, click, custom, or view events (see Log Usage Analytics Events).

Data Export

When your Coveo account or an API key grants the Data Exports privilege, you may interact with Coveo UA to export user data. The Coveo Administration Console then permits full data export of user data if filters are used to tailor the export to a given userId in a given organization (see Usage Analytics Export Filters).

When an end user requests an export from their Coveo organization, the export may contain different types of information (e.g., case number, upcoming product names, etc.). The export function allows Coveo customers to review those exports and remove any information before communicating the export with an end user. If you want to provide additional information regarding the nature of the values mentioned in the export, refer to the [reference](/en/l9fb0345/#reference) documentation.

Data Deletion

When your Coveo account or an API key grants the Delete user data privilege, you may interact with Coveo UA to delete user data. The Usage Analytics Read API, under User Statistics API - Version 15 and up, exposes the DELETE /v15/users/{userId}/alldata endpoint. This enables deleting usage analytics data related to a given user identified by their userId for a given organization.

DELETE https://analytics.cloud.coveo.com/rest/ua/v15/users/{userId}/alldata?org={organizationId} HTTP/1.1

Accept application/json
Authorization Bearer {accessToken}

Where you replace:

  • {userId} with a unique identifier corresponding to an end user whose personal data you want to delete.

  • {organizationId} with the unique identifier of the target Coveo organization.

    The org parameter is only required when authenticating the call using an OAuth2 token.

  • accessToken by an API key or OAuth2 token granting the Delete user data privilege in the target Coveo organization, if not already done.

  • Usage of the DELETE /v15/users/{userId}/alldata endpoint results in irreversible data loss which may affect some dashboards and reports generated in the Coveo Administration Console. Be mindful of the implications of such an operation, even if its completion is imperative.

  • Usage statistics such as the queries per month (QPM) won’t be recalculated or modified after deletion of user data.

Coveo Usage Analytics Disabling in a Search Interface

A successful call to any of the following API endpoints (e.g., POST https://analytics.cloud.coveo.com/rest/ua/v15/analytics/searches) will record a usage analytics event:

Method Scheme Host Base path Path
GET https:// platform.cloud.coveo.com /rest/ua /v15/analytics /click
/custom
platformhipaa.cloud.coveo.com /search
POST /searches
usageanalytics.coveo.com /rest /view

If you want to stop recording usage analytics in a search interface, you must ensure that no such calls are being made from that location.

In a search interface that relies on the JavaScript Search Framework, the simplest and most efficient way to disable usage analytics is to not initialize an Analytics component at all.

Coveo JavaScript Search Framework 2.7219 (October 2019)

The JavaScript Search Framework now exposes top-level functions allowing you to clear session information stored for usage analytics purposes (visitor ID cookie, actions history, etc.), and to disable or re-enable an initialized Analytics component.

See: