Geographic footprint screen

This screen shows the geographic locations where data in this website pass through.

Why this matters

This test helps to identify the ‘hosts’ where your personal data is passed to, and the locations of those hosts. Under the GDPR, the country where personal data is held is significant:

• EEA countries are permitted to process the personal data of EU citizens.
• Selected countries outside of the EEA have been granted adequacy decisions by the EU, meaning they have sufficient data protection that they are allowed to process the personal data of EU citizens.
• The US is a special case: they have an adequacy decision which is conditional on the data processing organization also complying with the Privacy Shield framework.
• Other countries must take additional measures to process personal data.

How to review and approve your hosts

1. Navigate to the Geographic footprint screen (under Privacy > Geographic footprint).
2. Under the Unrecognized hosts tab review the list of hosts. The most frequently used hosts are listed first.
3. Where possible the legal status of the host and/or country will be explained. Consider this and whether you are willing to accept the use of the host, or whether you want to avoid future use of the host.
4. If a host is accepted by your organization, click Approve host to remove it from the list.
5. If a host is not accepted, you should take steps to remove all use of it from your website. Once you accomplish this, it will automatically be removed from the Unrecognized hosts tab.
6. In future you can review approved hosts under the Approved hosts tab.

How this works

Every resource that every webpage uses is analyzed, and the hosts of those resources are recorded. The IP address of each host is looked up, and the geographic location of that IP address is recorded.