MONITOR DATA COLLECTION ON YOUR WEBSITE 24/7 TO BE COMPLIANT
Our Data Processing Service Scanner “DPS Scanner” helps you become more compliant with GDPR regulations. The smart tool identifies Data Processing Services (third party technologies, e.g. Google Analytics) that have not been added to your Consent Management Platform (CMP) yet.
MONITORING THROUGH LIVE USERS
Know what’s going on
Maybe your organization is big and marketing bypassed legal in implementing a new tool, or the agency didn’t loop you in. Or, a tool changes its partners and is suddenly piggybacking external partners which you never heard of. In such cases, it is possible that you are not in full control or completely unaware about what data might be transferred to third-parties. That’s why we designed our Data Processing Service Scanner – the “DPS Scanner”.
The service detects live users on your website or in your app and monitors the domains that are called upon their visit. This way, we provide you with a list of all Data Processing Services that are implemented on your site.
How our DPS Scanner works technically
Our Data Processing Service Scanner – the “DPS Scanner” collects data without having to crawl pages all the time. Instead, the tool detects end-users who are visiting your website and the domains which are loaded. All data is then aggregated and stored every 24 hours. The results can be found in the Usercentrics Admin Interface under “Service Settings” → “DPS Scanner” on the following day.
Detect our Scanner on your Website
You may have already noticed Scanning and Crawling activities on your website, likely in your webserver and referrer logs.
The following Useragent is used by Usercentrics and you can use the same to identify and detect all our requests:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Chrome/W.X.Y.Z Safari/605.1.15 (compatible; Usercentrics/0.1; +https://usercentrics.com/dps-scanner/)
We are regularly updating our web page rendering engine to the latest version. Thus, W.X.Y.Z is a placeholder that represents the version of the Chrome browser used by that user agent: for example, “93.0.4577.82”.
DATA PROCESSING SERVICES
Determine if something is missing in your CMP
Once we have detected the third party requests, we can match them to our service database and identify to which Data Processing Services they belong.
From that we can determine whether there is a gap – meaning some third party technology is being triggered but is not included in your CMP. This constitutes a data breach. If such a gap is detected, we update the results accordingly, so you can act on it immediately by adding all the detected Data Processing Services.