Description of the legitimate-interest balance test on the use of the Hotjar tool on the vttresearch.com website
This document describes the balance test of the online tracking tools used on the VTTRESEARCH.COM site and its results as part of the ‘legitimate interest’ grounds for processing data.
Legitimate interest as a basis for processing data
The Hotjar tool is used on vttresearch.com to monitor the methods of use and the user-friendliness of the online service as well as to diagnose potential technical failures and analyse general user trends on the site. This is essential for VTT Technical Research Centre of Finland Ltd's operations and electronic communications, in order to improve the user-friendliness of the online service and to monitor its functionality.
The Hotjar tool does not store the user's personal data (such as name, address, contact details, GPS) location data), but the tool uses the user's IPv4 address to transfer the data from the site to the server, and it is anonymised by removing the IP address's D block before the data is stored in the database. In this case, the entire IP address of an individual user is never stored in the tool database. Instead, it is used only to maintain the server connection during the user's visit. The Hotjar tool uses an anonymous, randomly generated identifier (UUID, unique user identifier) to identify a browser that visits the site consecutively as a single browser, and to combine consecutive page downloads into a page download generated by the same browser during a single visit (session).
The above-mentioned UUID information is stored in the first-party cookie ‘_ hjid’ and is forwarded to the Hotjar tool server when the web browser downloads a page. Since this anonymous UUID information is readable by the website and can be used to identify a single browser during repeated visits and to link the browser concerned to the user's behaviour in the online service, it can be viewed as user's personal data according to the European Commission's guidelines.
When storing the interface interaction data, Hotjar automatically blocks the monitoring of keyboard keystrokes in all form fields. This collection of information is blocked in the user's browser, and the data will never end up on Hotjar's servers.
According to Section 25 of Directive 2002/58/EC, storing data on a user's terminal equipment using different methods, such as cookies, may be justified and useful, for instance for examining the effectiveness of the design and advertising on a website and for checking the identity of users involved in online transactions. Where such methods, such as cookies, have a legitimate purpose, such as facilitating the provision of information society services, their use should be allowed, provided that the user receives clear and accurate information in accordance with Directive 95/46/EC on the purpose of cookies or similar methods, in order to ensure that the user is aware of the information received by their terminal equipment. The Hotjar tool stores first and third party cookies on the user's terminal device to implement functionalities, so that the tool can, for instance, display a questionnaire to a user who has not previously seen it, or prevent a form from being displayed to a user who has not wished to fill it in.
Further information: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookie-Information
The user information stored on vttresearch.com is an anonymous and randomly formed identifier that enables VTT Technical Research Centre of Finland Ltd to use its own website for the purpose of examining and developing the effectiveness of lawful monitoring and analysis, the design of the website and marketing communications. In this case, monitoring the use of the service, which is as extensive as possible, is essential for the development of the user-friendliness of vttresearch.com. The use of the website is entirely voluntary for users, and it does not actively offer functionalities in exchange for compensation. In this case, an agreement between the user and the VTT Technical Research Centre of Finland or the user's specific consent, for instance, are not justified as grounds for processing the data.
The legitimate-interest processing criterion, basic requirements
The legitimate-interest processing criterion requires that the interest presented by the data processor is lawful, on the grounds of either EU law or national law. The interest must also be a timely and an immediately created need. The daily business and communications of the vttresearch.com website and its maintainer, VTT Technical Research Centre of Finland Ltd, require an electronic communication channel and its use in the most efficient and user-friendly manner possible. Maintaining and developing the site requires information about the use of the site, the behaviour of users on the site, and the possibility of identifying potential technical problems on the site.
Without processing and storing UUID data using separate browsers, it will not be possible to combine the operations performed on the site into a single user session or to identify users who may return to the service, in order to assess the user activity of the service. This information is essential for improving the availability and user-friendliness of the vttresearch.com site. Viewing individual page loads without the ability to include them in the user path would only allow a partial assessment of the user experience and could lead to incorrect conclusions.
The need to process personal data in order to meet a legitimate interest
The implementation of the measures described above and the development of the online service in the interests of VTT Technical Research Centre of Finland Ltd require processing of UUID data in connection with the technical data transmitted by the user's terminal device and the data related to the use of the service (e.g. interaction such as clicking on the mouse and scrolling pages in the user interface). Similar results could also be achieved with other technical solutions, but they would not be better for the user's privacy.
Anonymous UUID data can also be overwritten by storing the user's full IP address, but the IP address might be permanently associated with a single terminal device or user. UUID data is generated occasionally when the user visits the service, and cannot be technically connected with the user's behaviour, for example in other services.
The IP address, on the other hand, would enable the technical integration of data in other services as well.
Another option for an anonymous UUID is for the identifier to be calculated based on the properties of the user's terminal device or the permanent identifier (so-called Canvas Fingerprint, or Advertising ID) obtained from the device. The Advertising ID is considered to be personal data under the GDPR in the European Commission's guidelines https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en. An identifier (such as Canvas Fingerprint) that is calculated for a user's device is not easily changeable or removable by the user. Thus, using it instead of the UUID would interfere with the privacy of the user entered in the registry more than the UUID that the user can change or delete.
Based on this, the default UUID used by the Hotjar tool has been selected as data to process which affects the user's privacy, as well as the information associated with the use of the service and the user's terminal device.
Relationship between the data controller's interests and the interests of the data subject
As described above, the benefits of VTT Technical Research Centre of Finland Ltd, which serves as the data controller, are significant in order to implement marketing communications for the entire organisation and to maintain and develop the vttresearch.com website, which serves as the primary communication channel. Failure to process the data would prevent the entire vttresearch.com site content from being appropriately developed.
Information about the use of the site, as well as the anonymous UUID, stored in a registry maintained in the Hotjar tool, does not allow the identification of an individual user as a person, nor does it allow the linking of data to other personal data in other registers.
With regard to the data register created in the Hotjar tool, VTT Technical Research Centre of Finland Ltd is a data controller and Hotjar Ltd a data processor that processes data on behalf of VTT and does not transmit it to third parties. (Further information: https://help.hotjar.com/hc/en-us/articles/115011639887-Data-Safety-Privacy-Security, https://www.hotjar.com/legal/policies/terms-of-service/)
Online analytics solutions such as Hotjar have been widely available on different websites for decades. At least 65% of websites (situation 7/2020) on the Internet use this type of analysis tool
Therefore, an Internet user can, as a rule, expect that the information transmitted and stored in their browser will be used to measure different services and analyse user behaviour.
VTT Technical Research Centre of Finland Ltd provides services and content primarily for companies and communities, in which case most of the use of vttresearch.com takes place in a context related to the work or business carried out by individuals. On these grounds, it is not expected that there will be minors or other special groups using the service, whose right to privacy should be particularly well protected.
Protection of processed data
All data stored and processed using the Hotjar tool is functionally differentiated from other VTT Technical Research Centre of Finland Ltd data (e.g. customer data) and cannot be technically combined with these other data. Based on the use of the service, it is not possible to draw conclusions about an individual person or organisation that might affect other decisions. The Hotjar UUID data is anonymous as a rule. On these grounds, an individual person cannot be identified and the data cannot be reconverted into plain-language personal data.
All data is stored on servers in the Hotjar tool that are separately described in Hotjar Ltd documents. Data storage follows both physical and technical data protection and encryption techniques. (Further information: https://help.hotjar.com/hc/en-us/articles/360045354594-Security-at-Hotjar)
Hotjar is a company registered in Europe that processes and stores all collected data on the Amazon Web Services server eu-west-1 data centre, which is located in Ireland. User data or other collected data is not transferred outside the European Union.
Opposing the processing of data
We want to ensure transparency and enable the user to express their will on the processing of information about themselves. Anonymous UUID data stored in the Hotjar tool used by the VTT Technical Research Centre of Finland enables you to identify a single browser whenever a user visits the service using this browser. However, many terminal devices may be in shared use, in which case the user should be able to prevent the aggregation of data generated from use by different persons (Directive 2002/58/EC, Section 25). In addition, the ‘legitimate interest’ as a grounds for processing data requires that the user has an effective opportunity to object to the processing of their data. If you oppose the storing and processing of your data by means of the Google Analytics tool, we will immediately stop storing and transmitting your data to the tool from the browser you used to oppose processing. As a result, your browser can store information (a cookie, storage item, other similar item) about the objection so that we can continue to prevent your data from being transmitted and stored in Hotjar. The information to be recorded only contains information about your choice or objection and does not contain any information that can be connected to the user.
Changing tracking settings
You can change your consent status or object to oppose to the usage of different tools in the tracking settings.