Available in:
Overview
Data privacy regulations like the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and similar laws worldwide require businesses to protect personal data and respect individual privacy rights. Post Affiliate Pro includes comprehensive privacy features that help you meet these compliance requirements while running an effective affiliate program.
This page covers the key privacy and data protection features available in Post Affiliate Pro to help you understand how to configure your affiliate program for data privacy compliance.
Launch your affiliate program today
Set up advanced tracking in minutes. No credit card required.
Data Anonymization Features
Anonymize Transaction Data Fields Plugin
The Anonymize Transaction Data Fields plugin allows you to mask sensitive information in transaction data fields when displaying them to affiliates. This is particularly useful when transaction data contains customer emails, names, or other personal information that affiliates should not see in full.
The plugin provides granular control over how data is anonymized:
Apply to all affiliates or specific groups - You can choose to apply anonymization to all affiliates, only to a specific list of included affiliates, or to all affiliates except those you explicitly exclude.
Email address masking options:
- Hide the part before the @ sign (e.g.,
***@example.com) - Hide the part after the @ sign (e.g.,
john.doe@***) - Hide only the second half of the hidden portion for partial visibility
- Hide the part before the @ sign (e.g.,
Character-based hiding:
- Show only the first X characters
- Show only the last X characters
- Hide the first X characters
- Hide the last X characters
For example, an email like john.doe@example.com could be displayed as joh***@example.com or ***@***.com depending on your configuration.
The plugin supports all five transaction data fields (Data 1 through Data 5), each with independent anonymization settings. This flexibility allows you to apply different masking rules based on what type of information each field contains.
How to Configure Data Anonymization
- Navigate to Configuration > Plugins in your merchant panel
- Enable the “Anonymize Transaction Data Fields” plugin
- Click Configure to access the plugin settings
- Select which affiliates should see anonymized data
- For each data field (1-5), configure the appropriate masking rules
- Save your settings
IP Address Hiding and Masking
Hide IP Addresses Plugin
The Hide IP Addresses plugin provides comprehensive control over IP address visibility throughout Post Affiliate Pro. IP addresses are considered personal data under GDPR and similar regulations, making this feature essential for privacy compliance.
You can configure IP hiding separately for different contexts:
- Affiliate Panel - Hide visitor IP addresses from affiliates viewing their clicks and transactions
- Network Merchant Panel - Hide IP addresses from network merchants in multi-tier network setups
- Merchant Panel (Owner) - Hide IP addresses even from merchant administrators
- Affiliate IP Addresses - Hide the registration and login IP addresses of affiliates themselves
When enabled, the plugin removes IP address columns and filters from:
- Clicks grid and reports
- Transactions grid and reports (including first click IP and last click IP)
- Affiliate manager and affiliate lists
- Login history
- Audit logs
- Visit logs and visitor affiliate records
This comprehensive approach ensures that IP addresses cannot be accessed through any interface when hiding is enabled for a particular user role.
Configuring IP Address Privacy
- Go to Configuration > Plugins in your merchant panel
- Enable the “Hide IP Addresses” plugin
- Click Configure to access settings
- Check the appropriate boxes for each context where you want to hide IP addresses
- Save your configuration
Join our newsletter
Be the first to know about new features and product updates.
Affiliate Data Export (Right to Access)
Under GDPR Article 15 (Right of Access) and Article 20 (Right to Data Portability), individuals have the right to receive their personal data in a structured, commonly used format. Post Affiliate Pro supports this through comprehensive data export capabilities.
Exporting Affiliate Data
Post Affiliate Pro provides multiple ways to export affiliate data:
Affiliate Data Export - Export complete affiliate records including:
- User ID and referral ID
- Registration and approval dates
- Personal information (name, email, contact details)
- Custom profile fields (Data 1-25)
- Account status and settings
- Payout options and minimum payout thresholds
- Login history and statistics
Transaction Export - Export transaction history including:
- Commission records and amounts
- Order details and product information
- Click and conversion data
- Payment records and payout history
CSV Format - All exports are provided in standard CSV format that can be opened in spreadsheet applications or imported into other systems, satisfying the data portability requirement.
Using the Export Feature
- Navigate to Affiliates > Affiliate manager
- Select the affiliate whose data you need to export
- Use the Export function to download affiliate data
- For bulk exports, use the import/export functionality in Tools
Affiliate Data Deletion (Right to be Forgotten)
GDPR Article 17 establishes the Right to Erasure, commonly known as the “right to be forgotten.” Post Affiliate Pro provides robust affiliate deletion functionality to help you comply with these requests.
Deletion Confirmation Process
For added security and compliance, Post Affiliate Pro offers optional email confirmation for affiliate deletions:
- Deletion Notification - When enabled, the system sends an email notification when an affiliate deletion is initiated
- Deletion Confirmation Required - When enabled, the deletion requires explicit confirmation via a link in the email before it proceeds
This two-step process helps prevent accidental or unauthorized deletions and provides an audit trail of deletion requests.
The notification email includes:
- The affiliate’s complete profile information
- Statistics that will be deleted (clicks, transactions, commissions)
- A confirmation link (if confirmation is required)
- Details about who initiated the deletion and when
What Gets Deleted
When you delete an affiliate, the following data is removed:
- Affiliate user record and profile information
- Associated account user records
- Authentication credentials
- User tree relationships
- Payout option configurations
Depending on your configuration, you can also choose to delete or retain:
- Historical transaction and commission records
- Click and impression statistics
Deletion via API
For automated compliance workflows, affiliate deletion is also available through the Post Affiliate Pro API. The v3 API provides a DELETE /affiliates/{id} endpoint that:
- Returns 204 status for immediate deletion
- Returns 202 status when deletion is pending email confirmation
- Respects your notification and confirmation settings
Cookie Consent Considerations
Affiliate tracking in Post Affiliate Pro uses cookies to track visitor journeys from affiliate clicks to conversions. Under GDPR and ePrivacy regulations, you may need to obtain consent before placing tracking cookies.
Types of Cookies Used
Post Affiliate Pro creates several cookies for tracking purposes:
- PAPVisitorId - The primary tracking cookie that stores the visitor’s unique identifier
- First-party cookies - Stored on your domain for basic tracking
- Third-party cookies - Used for cross-domain tracking scenarios
- HTML5 Local Storage - Used as a backup when cookies are blocked
Implementing Cookie Consent
To comply with cookie consent requirements:
- Add a cookie consent banner to your website that informs visitors about tracking cookies
- Only load the tracking code after obtaining consent (if required by your jurisdiction)
- Provide opt-out mechanisms for visitors who withdraw consent
- Document your cookie usage in your privacy policy
Post Affiliate Pro’s tracking code can be conditionally loaded based on consent status using your consent management platform.
Alternative Tracking Methods
For situations where cookie consent is not obtained, consider these alternatives:
- Server-to-Server (S2S) Tracking - Track conversions without client-side cookies
- API-based tracking - Direct integration for conversion tracking
- Coupon code tracking - Track conversions using unique affiliate coupon codes
Data Retention Settings
Managing how long data is retained is an important aspect of data privacy compliance. Post Affiliate Pro provides several mechanisms for controlling data retention.
Automatic Data Cleanup
Post Affiliate Pro includes automated tasks for managing data retention:
- Group Old Clicks/Impressions - Older click and impression data can be aggregated to reduce storage while maintaining statistical accuracy
- Log Cleanup - System logs can be configured to automatically purge after a specified period
- User Agent Cleanup - Detailed browser information can be cleaned up periodically
Cookie Lifetime Settings
You can control how long tracking cookies remain valid:
- Default cookie lifetime is 60 days
- Cookie lifetime can be configured per campaign
- Shorter cookie lifetimes reduce the period of data collection
Configuring Retention Policies
Work with your data protection officer or legal team to determine appropriate retention periods for:
- Affiliate personal data
- Transaction records
- Click and impression logs
- System logs and audit trails
Then configure Post Affiliate Pro’s cleanup tasks and cookie settings accordingly.
Privacy Policy Integration
Communicating your data practices to affiliates and customers is a key compliance requirement.
Affiliate Agreement Terms
When affiliates sign up, you can require them to agree to terms that include:
- What personal data you collect
- How their data will be used
- Their rights regarding their data
- Data retention periods
- How to exercise their privacy rights
Customer Privacy Disclosures
Your customer-facing privacy policy should disclose:
- The use of affiliate tracking cookies
- What data is collected during the tracking process
- How long tracking cookies are valid
- How to opt out of tracking
Audit Trail and Compliance Documentation
The Audit Log feature in Post Affiliate Pro helps maintain compliance documentation by recording:
- All changes to affiliate records
- Commission approvals and modifications
- System configuration changes
- User actions and access patterns
This audit trail can be invaluable when responding to regulatory inquiries or demonstrating compliance with data protection requirements.
Additional Security Features
Post Affiliate Pro includes additional security features that support overall data protection:
- 2-Step Verification - Protect accounts with two-factor authentication
- Fraud Protection - Detect and prevent fraudulent activity
- Role-based access control - Limit data access based on user roles
- Secure connections - SSL/TLS encryption for all data transmission
Summary
Post Affiliate Pro provides a comprehensive set of privacy and data protection features to help you run a GDPR-compliant affiliate program:
| Feature | Privacy Benefit |
|---|---|
| Data Anonymization | Mask sensitive customer data from affiliates |
| IP Address Hiding | Remove IP addresses from reports and logs |
| Data Export | Support right to access and data portability |
| Data Deletion | Enable right to be forgotten requests |
| Cookie Management | Configure tracking cookie lifetime |
| Audit Logging | Maintain compliance documentation |
| 2-Step Verification | Protect accounts and personal data |
By properly configuring these features, you can balance effective affiliate program management with respect for individual privacy rights and regulatory compliance requirements.
