GDPR API
As required by the GDPR, this portal application can be used by Crobox clients’ webshop visitors to view all data that has been collected by Crobox.
Portal Application
Normally, the portal must be accessed through a pop-up window or iframe so it can use the browsers postMessage()
functionality to instruct the Crobox Javascript snippet to change the (first-party) cookie settings on the client’s website. Support for this is available on the client’s request and will be implemented inside the Crobox JS snippet.
For debugging purposes, it’s possible to access the portal application manually from:
https://cdn.crobox.io/gdpr/pdp/index.html
The portal can be controlled through various query parameters:
Parameter | Description |
containerId |
6 character snippet identifier of the customers' website. |
visitorId |
UUID (36 character) value of the visitor on the customers website. Normally stored as (first-party) _crbx cookie. |
shouldNotTrack |
The current state of the visitor tracking state. Normally stored as (first-party) crobox_opt_out cookie. |
The portal allows a visitor to do the following actions:
- Enable/disable (opt-out / opt-in) tracking of it’s data
- Removal of all data previously collected by Crobox
- Download of all data previously collected by Crobox
Additionally, there are possibilities to control those actions directly through the Crobox JS Snippet. Support for this is available in collaboration with the client.
REST API
The REST API is used by the GDPR portal application but can also be used directly to query for data or request data deletion.
Visitor data overview request
https://api.crobox.com/personal-data/:container_id/visitors/:visitor_id