Hello,
We're trying to centralize all information about our customer funnel in Playfab, such that we can analyze it using tools like the Data Explorer, or some other tools that is compatible with the Amazon S3 events backup.
Our app is dedicated for kids, and we are therefore being really careful about regulations like GDPR. We need to make sure parents consent to analytics before we gather any personal data, like email or IP address. This consent happens when they register for an account. Currently, we create a playfab account only once players register (in unity, PlayFabClientAPI.LoginWithCustomID immediately followed by PlayFabClientAPI.AddUsernamePassword).
We would still like to get some information about user behavior, even if it's anonymous, before they get to that registration screen. For example, just knowing how many people opened the app VS how many registered is pretty relevant.
So the question is: can we gather anonymous data with playfab before users create their account and have their playfab ID? We don't need that data to be associated with any users - it could be as simple as a counter that is being increased whenever a user opens the app for the first time.
If we can't, an alternative way to get this data could be to silently create an anonymous account with PlayFabClientAPI.LoginWithCustomID as soon as the app opens, and send events we want to track with that account. We would then call PlayFabClientAPI.AddUsernamePassword when players actually register. The two potential downsides of that approach:
- If they already have an account, and they login instead of registering, this means we would then need to delete the playfab account that was initially created with LoginWithCustomID. Otherwise we would create several anonymous playfab accounts that would be abandoned as players login with their original account. Does that make sense, or is there an alternative approach I'm missing here?
- We need to be sure that PlayFabClientAPI.LoginWithCustomID doesn't collect any personal information as defined by GDPR (like IP address). Can you confirm that's the case?