Data Security: The Yandex Ads Approach

Caring about data security is nothing new, and for good reason. One of the first known examples of what we now call “encryption” comes all the way from Sparta — yes, as in ancient Greece. Spartans used a wooden stick called a “scytale” to encrypt and decrypt secret messages.

Fast forward to the present day, and the sheer quantity of data available means that data security has become a top priority for individuals, companies, and institutions alike. There are extensive bodies of law and ethics that require companies to proactively safeguard data against threats.

As a result, businesses now have to be transparent about what data they collect, how it’s stored, and where it’s sent. This is particularly true when it comes to big tech companies, for whom powerful data encryption and cybersecurity systems are not only a necessity, but an indicator of business stability, reliability, and maturity.

Despite all the rules and regulations that govern this field, the standards for data protection are moving targets. Techniques for identifying and taking advantage of security vulnerabilities are constantly evolving, and fraudsters still find ways to get their hands on confidential user data.

To maintain customer trust and brand loyalty, companies today must address these important questions about data security:

How is data collected?

How is it being used?

Where is it stored?

Who is responsible for it?

Let’s dive in and answer these questions about Yandex Ad’s approach to data security.

How Yandex Ads collects data

When you run a campaign on any Ad Tech platform, you usually start by connecting a web analytics tool using what’s called a “pixel.”

With Yandex Ads, that pixel will connect you to a web analytics platform called Yandex Metrica, which collects data about your site’s audience.

What is Yandex Metrica?

One of the world’s top four web analytics solutions, Yandex Metrica provides businesses with a comprehensive understanding of their online audience so they can drive growth.

The Yandex Metrica pixel collects user data that can be used to get visual reports and video recordings of user actions, as well as to track traffic sources and evaluate the effectiveness of your ad targeting.

Data collection is an essential part of any online business, and users want to know that their personal data is secure when they visit online stores and other websites.

When it comes to data security in the advertising industry, Yandex Metrica offers businesses a safe, reliable, and free solution.

What makes Yandex Metrica safe?

As one of the world’s most popular web analytics systems, Yandex Metrica processes large amounts of data, and security has always been our top priority. Ensuring that all data is safeguarded against potential threats is at the heart of every feature we’ve designed and launched.

As proof of our commitment to transparency, we’ve opened the Yandex Metrica tag source code to give users greater access and more control. The source code has been published in GitHub and is now available for review, modification, and use in any developer’s application.

Our open-source code is comprised of a JavaScript bundle that loads simultaneously with the site page and captures various events on the site. Developers can now thoroughly study the counter code and rebuild and customize the configuration.

The disclosure of the code allows users to:

Audit, rebuild, and host the code that runs on the client
Modify the counter code as needed, removing unrequired features
Integrate useful code snippets into projects
Improve the counter code by sending a pull request

Furthermore, to comply with all relevant rules, regulations, and standards:

We have all ISO certificates and GDPR compliance (more on this below)
Our tag participates in the “The Yandex Bug Bounty” program

GDPR and ISO security standard compliance

The General Data Protection Regulation (GDPR) is a European data privacy regulation that outlines the rights of individuals in the European Union or European Economic Area over the processing of their personal information by companies worldwide. GDPR is world’s golden standard on privacy issues. It comprises a set of guidelines for businesses to follow when processing personal data.

Additionally, our data security management system has been certified to the international ISO 27001:2013 standard.

Yandex’s stance on data security, processing, and storage

Our partners and users are our top priority. Whether they’re regular buyers or one-off site visitors, we ensure that their data is protected, processed, and stored in line with our client-first approach and in strict accordance with global requirements.

We are committed to being transparent with our partners, users, and broader audiences about how we collect, use, and share data for advertising. The globally recognized ISO safety certificate and our other information security and customer data protection certificates — including ISO/IEC 27001— demonstrate our commitment to uphold Yandex Metrica’s security.

Partners and users should also know that our company always strives to comply with local laws, and we make every effort to adjust our business processes as needed when expanding into new markets.

With Yandex Metrica, users can be assured that their data is fully secure. So long, scytale; Sparta’s got nothing on us.