Merge pull request #6512 from umbraco/ums/security

Cleanup security articles

Author: sofietoft

13/umbraco-ums/security-and-privacy/README.md

@@ -1,21 +1,21 @@
 # Security and Privacy
 
-Security is a first-class citizen in the uMarketingSuite. Besides performance and all the cool features, security is important in all parts of the uMarketingSuite.
+Security is a first-class citizen in the uMS. Besides performance and all the features, security is important in all parts of uMS.
 
-We did our best to make sure that the uMarketingSuite is a secure and safe package which allows you to be safe & secure as well and have total control of all data of your visitors.
+We did our best to make sure that uMS is secure and safe allowing you to have full control of all data of your visitors.
 
-In this section we dive deeper in some aspects, but please [feel free to reach out](mailto:[email protected]?subject=Security%20and%20privacy) if you have any questions, remarks or concerns!
+In this section you can dive deeper in these aspects.
 
 ## Security settings
 
-The uMarketingSuite works in most ways in the exactly the same as any other Umbraco package. It is smart to read and apply the [security documentation & guidelines](https://our.umbraco.com/Documentation/Reference/Security/) of Umbraco.
+uMS works in most ways like other Umbraco packages. Read and apply the [security documentation & guidelines](https://our.umbraco.com/Documentation/Reference/Security/) of Umbraco CMS.
 
-If you have [locked down access to your Umbraco-folder](https://our.umbraco.com/Documentation/Reference/Security/Security-hardening/#lock-down-access-to-your-umbraco-folders), please make sure that /umbraco/uMarketingSuite/\* is allowed for all clients and it's not blocked based on a IP Whitelist or something like that. This is needed to collect [clientside events](/the-umarketingsuite-broad-overview/dataflow-pipeline/data-collection/).
+When you have [locked down access to your Umbraco-folder](https://our.umbraco.com/Documentation/Reference/Security/Security-hardening/#lock-down-access-to-your-umbraco-folders), make sure that `/umbraco/uMarketingSuite/\*` is allowed for all clients. You should also make sure that it is not blocked based on a IP or similar. This is needed to collect [client-side events](/the-umarketingsuite-broad-overview/dataflow-pipeline/data-collection/).
 
 ## Privacy settings
 
-The uMarketingSuite stores a lot of data, but because it's stored in your own database(s) you have full control over this data. The data is never stored in a central datacenter of uMarketingSolutions and no visitordata is ever transmitted to us. It's the data that the visitor gave to you as a website and it should be yours.
+uMS stores a lot of data, but because it is stored in your own database(s) you have full control over this data. The data is never stored in a central datacenter and no visitor data is ever transmitted to Umbraco.
 
-The uMarketingSuite can be [configured](/installing-umarketingsuite/configuration-options-1-x/) to store the data in whatever database you specify. This can be the same database as the Umbraco installation, but also another database. Because you have probably already discussed storage and security of the data of your Umbraco installation, you can use it exactly the same for the uMarketingSuite data. How cool is that!
+uMS can be [configured](/installing-umarketingsuite/configuration-options-2-x/) to store the data in whatever database you specify. This can be the same database as the Umbraco installation, or a different database.
 
-The uMarketingSuite gives you control over this data and especially give you some tooling to make sure that data is [anonymized at some moment](/security-privacy/anonymization/) in the future and even [fully deleted](/security-privacy/retention-periods-of-data/).
+Aside from full control, uMS also gives you tooling to the data [anonymized](/security-privacy/anonymization/) in the future and even [fully deleted](/security-privacy/retention-periods-of-data/).

13/umbraco-ums/security-and-privacy/anonymization.md

@@ -1,15 +1,13 @@
 # Anonymization
 
-At one moment in time it's probably not important anymore who clicked on what exact link at what time and with which browser. For short term Analytics that is relevant and you want to [personalize](/personalization/) the website or webpage based on that behavior, but in the long term this is far less important. But still aggregated data is still important so you can compare for example the number of visitors in the last two years with the data of the two years before that.
+For short term Analytics it would be important who clicked on what link at what time and with what browser. This is relevant as you would want to [personalize](/personalization/) the website or webpage based on that behavior. In the long term, however, this is no longer important. Aggregated and anonymized data will still be needed for something like comparing the number of visitors month after month.
 
-That is why the uMarketingSuite gives you the ability to anonymize your data. By anonymizing the data the data is unlinked from the specific session and visito, but the data remains stored.
+uMS gives you the ability to anonymize your data. By anonymizing the data the data is unlinked from the specific session and visitor, but the data remains stored.
 
-Let's take a look at a example:
+Let us take a look at an example:
 
 *Before* anonymization you can see that visitor X has visited your website four times. On the first visit the visitor visited webpage w1 and w2, scrolled down on both of them to 80% of the page length. That visit was on a iPhone with Safari. Three days later the visitor came back and saw webpage w1 again and made a purchase on w3. This visit was with Firefox on a Windows computer.
 
 *After* anonymization you can not relate the individual visits of the webpages or the browser to visitor X any longer. But if you go to the Analytics reports of visits, browsers and scrolldepths you still see the exact same number as before the anonymization.
 
-So this is perfect and privacy friendly!
-
-The uMarketingSuite recommends to anonymize your data after two years or sooner. The sooner the better, because how relevant is a click on a specific link of more than a year ago? Probably you do not want to personalize your website based on that click.
+It is recommended to anonymize your data after two years or sooner.

13/umbraco-ums/security-and-privacy/retention-periods-of-data.md

@@ -1,11 +1,11 @@
 # Retention Periods of data
 
-In our opinion there is never a reason to store your visitor data for ever and ever. Because privacy is an important aspect of the uMarketingSuite we provide you with the tools to make sure you won't store your data for ever.
+There is never a reason to store your visitor data for ever. Privacy is an important aspect of uMS, and you have tools to make sure you do not store the data for ever.
 
-You can [configure](/installing-umarketingsuite/configuration-options-2-x/) the uMarketingSuite to delete three types of the data after a certain period.
+You can [configure](/installing-umarketingsuite/configuration-options-2-x/) uMS to delete three types of the data after a certain period.
 
 - The raw data that is collected in [the first phase of the dataflow](/the-umarketingsuite-broad-overview/dataflow-pipeline/data-collection/). This data is stored and parsed a few moments later. After being processed the raw data is no longer used. Only if you want to reprocess your raw data at a later moment it could be convenient to store this data for a short while. By default it gets deleted after 5 days. Our recommendation is to store this raw data no longer than 30 days.
-- The control group data that is used for [personalization](/personalization/) purposes. When a visitor visits a personalized page, the uMarketingSuite keeps track of whether that visitor was in a control group for user experience consistency.  By default this gets deleted after 180 days. Our recommendation is to not increase this.
-- The [processed data](/the-umarketingsuite-broad-overview/dataflow-pipeline/data-parsing/) that is used for [reporting](/the-umarketingsuite-broad-overview/dataflow-pipeline/reporting/) and [personalization](/personalization/)purposes. You probably need this a lot longer.
-    - A first privacy friendly step is to [anonymize](/security-privacy/anonymization/) the data so it cannot be linked back to an individual visitor anymore. By default the uMarketingSuite anonymizes your data after 2 years.
-    - Besides anonymization, it makes sense to clean up that anonymized data somewhere in the future as well. What good is this information after 8 years for example? You should ask yourself this question and set the correct setting in the configuration file. By default the uMarketingSuite deletes the processed data after 3 years.
+- The control group data that is used for [personalization](/personalization/) purposes. When a visitor visits a personalized page, uMS keeps track of whether that visitor was in a control group for user experience consistency. By default this gets deleted after 180 days. Our recommendation is to not increase this.
+- The [processed data](/the-umarketingsuite-broad-overview/dataflow-pipeline/data-parsing/) that is used for [reporting](/the-umarketingsuite-broad-overview/dataflow-pipeline/reporting/) and [personalization](/personalization/)purposes. You most likely need this for a long period of time. By default uMS anonymizes this data after 2 years, and deletes it after 3 years.
+  - The first privacy step is to [anonymize](/security-privacy/anonymization/) the data so it cannot be linked back to an individual visitor anymore.
+  - Besides anonymization, it makes sense to clean up that anonymized data somewhere in the future as well. What good is this information after 8 years for example? You should ask yourself this question and set the correct setting in the configuration file.