Skip to main content
Skip table of contents

What data is stored by the app and where?

What data is stored?

Google Analytics 4

Property configuration

The following data is stored:

  • The property id and name (from Google Analytics)

  • The data stream id and name (from Google Analytics)

  • The measurement id (from Google Analytics)

  • Details of the Google user who configured the property and when

    • The user’s id, displayName and email (from Google profiles) – this is to help users of the app understand who last configured the app

  • The timestamp when the property was last configured

This data is stored in the following format:

CODE
{
	"property": {
		"id": "properties/1234567",
		"name": "Property Name"
	},
	"dataStream": {
		"id": "properties/1234567/dataStreams/1234567",
		"name": "Data Stream Name"
	},
	"measurementId": "G-******",
	"user": {
		"displayName": "John Doe",
		"email": "doe@example.com",
		"resourceName": "people/1234567"
	},
	"time": 1693327703506
}

User tokens

When the app is configured, we store an access token for the single user who has configured the app.

For your reassurance, we recommend that a service user is created for the Google Analytics account which has no access to any other systems.

The following data is stored:

  • An expiring access token

  • A list of OAuth scopes:

    CODE
    https://www.googleapis.com/auth/userinfo.profile 
    https://www.googleapis.com/auth/userinfo.email 
    https://www.googleapis.com/auth/analytics.readonly 
    https://www.googleapis.com/auth/analytics.edit
  • The token type

  • An ID token

  • The expiry date of the access token

  • A refresh token

When the app is uninstalled, these user tokens are automatically deleted.

User tokens can also be deleted by Revoking Google Analytics access.

This data is stored in the following format:

CODE
{
	"access_token": "******",
	"scope": "******",
	"token_type": "Bearer",
	"id_token": "******",
	"expiry_date": 1693567343979,
	"refresh_token": "******"
}

Reporting Permissions

The following data is stored:

  • A list of group names (from Confluence)

This data is stored in the following format:

CODE
["google-analytics-viewers"]

Where is the data stored?

The data is stored on the Heroku platform, in the US region.

Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centres and utilise the Amazon Web Service (AWS) technology.

Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data centre operations have been accredited under:

  • ISO 27001

  • SOC 1 and SOC 2/SSAE 16/ISAE 3402

  • PCI Level 1

  • FISMA Moderate

  • Sarbanes-Oxley (SOX)

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.