No one has ever asked us what software and technology choices we make to keep our customer data private.
But, I think that is a problem.
There’s a complete lack of transparency surrounding how businesses do (or, more generally, don’t) maintain privacy on behalf of their customers. If more people and more businesses were open about the types of technology they use and where they send, store and sell your data, the public would be more aware of just how often they’re being tracked, having profiles built of them, and then having those profiles sold to third parties for marketing.
I’m not here to lecture anyone on the pros/cons of the surveillance capitalism model that most modern tech and software companies use, but I do want to create an environment of transparency, where businesses discuss the software they use to track your behaviour and store your data.
I’ll even tell you every location where we store data with a third party.
If you’ve heard anything untoward about any of the services listed below, please let me know. I’m always willing to suffer the hassle of a migration if it means greater privacy for my customers and web visitors.
Software/Companies We Deliberately Don’t Use
Google Analytics
Google Analytics is great software, purely in terms of the features and functionality it provides.
It can tell you how many people came to your website, where they came from, what they were searching for when they came, if they were on mobile, whether they were using Firefox or Chrome etc. and many other things.
It is great for informing business decisions and working on increasing conversion through a website.
Class-leading performance, plus it’s completely free! No wonder 90% of all websites use it.
It really was a master stroke of surveillance by Google.
For Google Analytics to function on your website, you insert a small tracking code into the header of your website. That’s all you need to do, and Google takes care of the rest.
By doing this, Google have been able to turn 90% of the internet into a data mining operation for themselves.
And because most people have a Google account for something (Gmail, Maps, YouTube etc.), most people are logged into Google when they’re browsing other websites. Now Google can see exactly who went where, for how long, specifically what they did while they were there, and even, to some extent, some of the things they typed.
All this gets used to flesh out your marketing profile so that businesses like mine can then target you by interest. Who knows what else they’re doing with such a granular level of insight.
Google Drive/Google Photos
See the above and below points about Google’s business model being entirely driven by collecting your data, and using that to sell highly targeted ads.
Google Drive also uses its photo features (Google Photos) to build its database for facial recognition.
This is just what’s known about Google Drive. There’s probably a whole lot more snooping going on than what’s been leaked.
We take photos on our tours for customers and then also help them share their own full-res files amongst themselves. There’s just no way we’d ever entertain the thought of using Google Drive for this.
Gmail
Gmail’s professional offering, which allows you to use your own domain for a Gmail account (i.e. person@roughasguts.com.au), is the easiest managed inbox service to set up.
It’s also very cheap.
It’s also where they automatically scan for keywords in your “private” email content to augment their advertising profile, not just of you but of the people you’re sending to and receiving from as well.
I don’t like the Gmail interface, but even if it were the best by orders of magnitude, I wouldn’t use it.
If you use Gmail for your personal email and want to switch to something privacy focused, while still simple and free, take a look at Proton Mail. That’s what I use for my personal inbox.
Anything Microsoft (Including OneDrive, Servers & Windows)
We don’t use Exchange hosted emails. I did with my previous business, before going completely down this rabbit hole.
We were until not so long ago, hosting our own files with OneDrive for cloud storage, but this did not include any customer data.
I had removed Google from my life many years ago, realising they were overtly a consumer-data-gathering business. For some reason I can’t figure out, it took me much longer to realise that Microsoft weren’t much better. I guess because you have to pay for Windows, it didn’t meet the requirements of the old adage “if it’s free, you’re the product”. It was during a reinstall of Windows, when I realised just how hard they make it to opt out of OneDrive services, that I did a bit more digging and discovered that even if you choose no to everything, have a local account, choose not to share statistics and disable everything possible, they are still running their telemetry services in the background.
Before we had a reservation system, we would track bookings in a spreadsheet.
You would think that something as inert as a spreadsheet would be fine. That was until Copilot. Copilot is their AI assistant that helps you in Office products. Now, if Copilot is being used, the content of every cell you use in an Excel spreadsheet is sent to their server.
I no longer use Office 365. OnlyOffice is an open source alternative, and the only one I’ve found that can perfectly maintain existing formatting when importing a .docx or .doc file.
ChatGPT
Microsoft is one of the owners of ChatGPT. Plus, just look at the privacy breaches they had with published artefacts being indexed on Google.
Most commercially available AI services train their models on your data.
Dropbox
I’m not aware whether Dropbox engage in the surveillance capitalism model, but their technology is not privacy focused.
None of the data is encrypted, and they rely on internal company policy for their employees not to access your data, which is stored as plain text.
They even had a fairly wild security breach, where passwords were accidentally “turned off”, leaving every Dropbox account without a password for half a day. The technology just wouldn’t be designed that way if they gave a damn about privacy.
There were no off-the-shelf cloud storage options that we were satisfied with, which led us to the self-hosted approach described below.
Self-Hosted Software We’ve Gone to the Trouble of Implementing
All on Linux Servers (Not Microsoft Servers)
I’m not the biggest fan of Ubuntu (a prominent Linux distribution). Even though they’re open source, the company that runs the project keeps pushing for Snapd for package installation. This is why I personally use Linux Mint. That, and a distaste for GNOME.
However, when it comes to running a server with Linux, Ubuntu is the main option for stability and compatibility. Most snapd functionality can be disabled, and at the end of the day there’s only so much you can do. I had considered, for example, instead of running cloud software, using a server running OpenBSD and then solely using client-side synchronisation software on all of our devices. But again, how far do you go with a process that is already a bit extreme?
Digital Ocean & Hetzner
Most of the time when I mention “server”, I’m actually referring to a VPS (virtual private server).
All of our websites are run from multiple VPS from Digital Ocean, with the physical hardware located in Sydney.
Most of our non-website-related software (Plausible, CRM etc.) runs on multiple VPS from Hetzner, physically located in Germany. Germany’s privacy laws are okay enough for these purposes, so we take advantage of the better value that Hetzner offers compared to other hosting companies.
The servers where we host our cloud software are located in Switzerland, which has much better privacy laws than EU countries.
We’re not doing anything dodgy. All of these countries and services can just as easily be subpoenaed. There’s a common misconception that caring about privacy is the same as needing secrecy for doing something untoward. That’s simply not the case.
If the old adage of “if you’ve got nothing to hide, you’ve got nothing to worry about” ever truly applied, it certainly is no longer relevant in the context of the surveillance capitalism model.
Just because I’m not doing anything illegal in my house, doesn’t mean I shouldn’t want curtains.
Cloud Storage
We self-host our own cloud on a virtual private server, using open source software.
All of our own files are kept here (and backed up offline), and it’s also where we keep tour photos and facilitate photo sharing after tours.
Plausible Analytics
I do find it interesting how much Google Analytics has been swept under the rug, in terms of how much it surveils people.
Other Google products have received far more scrutiny for much less, probably because they’re consumer facing and obvious, while Analytics is not.
Fortunately, there’s a much better alternative.
Plausible Analytics.
Plausible really is the triple whammy of privacy.
- Their software is open source.
- The code you add to your website isn’t a “full tracker”.
- Their enterprise, software-as-a-service (SaaS) version has no free tier. Their revenue is 100% subscription derived.
There are two options for using Plausible.
You can self-host the open source software on its own VPS/server, or in its own Docker container. This does present a technical barrier to entry, but it means all the data is completely self-contained on your own server. This is what we went for.
The other option is to use their hosted SaaS offering, which still utilises their open source software but is a completely managed service. This is much more similar to the Google Analytics experience. It is a paid service, but I believe it’s worth it.
SuiteCRM
We previously used HubSpot as our CRM. I couldn’t even tell you what their privacy standards are like, but I decided I was more comfortable having that level of customer data stored with us instead of someone else.
We now use SuiteCRM.
Honestly, I think a CRM is overkill for our purposes. We may just get rid of it completely to simplify things.
Companies That We Are Trusting With Your Data
Rezdy
Rezdy is where we have your most sensitive data.
If you’ve booked a tour with us, we have your contact details and your billing address.
Being closed source, there’s no way to audit their code.
However, Rezdy is expensive. Damn expensive.
They charge quite a foreboding monthly fee, and then they charge a sphincter-clenching transaction fee for every purchase as well. When my wife/business-partner inevitably finds out just how much we’re paying them, there is no doubt going to be a spirited conversation.
Their business model is completely subscription and transaction fee based. Hell, they even charge me if I want to manually make a booking for someone that has paid me cash.
Email Octopus
You would think after all that discussion surrounding self-hosted analytics tracking and cloud implementation, that we could just self-host our own email marketing, and even our inboxes.
Owing to some funny quirk of nature, managing email correctly is more difficult than anything else we manage ourselves. All of our marketing depends on email deliverability (not being marked as spam, or even just making it to your inbox at all), and that’s tricky to get right without really knowing what you’re doing.
I’m just a tour guide after all, so forgive me for not being able to pull this one off on my own.
We have chosen Email Octopus not just because their deliverability is a lot better than others, but because they utilise a tiered subscription model that doesn’t derive revenue for data aggregation and sales.
Zoho Managed Email
While Email Octopus manages our bulk email sending (newsletters, sales funnel automations etc.), we also need an inbox.
When you send an email to someone@roughasguts.com.au, it lands in an inbox where we’re paying for Zoho’s managed services.
India is not particularly known for its consumer privacy protection laws, but Zoho has long been advocating for increased privacy protection.
They are extremely well priced, which admittedly is what initially drew me in, but I’ve also decided they are trustworthy enough for my email management, which includes a tonne of my own data and a little bit of yours.
I’ll also mention that the features, ease of use and layout are very good. Better than I’ve found from services five times the price.
Google Search Console
Google cannot be trusted with data. I’m sure I’ve made that clear.
But, here’s why we still use Google Search Console.
Search Console is where we can see which organic (unpaid) traffic has come from Google. If you’ve googled “tag along tour” and then clicked through to Rough As Guts, it will show that as a click, and it will also tell us that you searched with the term “tag along tour”. If instead you searched “adventure tour” or anything else, it would tell us that as well.
But, unlike Google Analytics, there’s no tracking script running on our website. Google already has that data, because you’re performing that search on their platform. The only thing we set up for Search Console is a TXT record (a short text entry in our domain’s DNS records), which tells Google that we’re the legitimate owners of roughasguts.com.au. That way, they know to share the data with us.
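The two places this article hands out domain-level trust without a script on the website are the DNS TXT records: the Search Console verification token just described, and the SPF record that authorises outside services (the bulk sender and the managed inbox provider from the previous sections) to send mail as the domain. The script below is an added example, not the site’s own tooling: it parses a zone-file fragment, concatenates multi-string TXT records the way resolvers do, and reports which verification tokens exist, which hosts may send mail as the domain, and what the DMARC policy is. The zone text, the domain `tours.example`, the include hosts and the tokens are all constructed placeholders, not the real provider values.

```python
"""Inventory the third parties a DNS zone trusts, from its TXT records.

Added example for this article (not the site's own configuration). Verification
tokens grant a provider access to data about the domain; SPF 'include:' terms name
every outside service allowed to send mail as the domain. The zone fragment,
domain, tokens and include hosts below are constructed placeholders.
"""
import re
import shlex

# Constructed zone-file fragment in master-file syntax (name ttl class type rdata).
# The last TXT record is split across two quoted strings on purpose: that is how
# long TXT values are stored, and they must be concatenated before use.
SAMPLE_ZONE = """
tours.example.        3600 IN TXT "google-site-verification=PLACEHOLDER_TOKEN_1"
tours.example.        3600 IN TXT "v=spf1 include:_spf.mail-provider.example include:bulk.newsletter-provider.example -all"
tours.example.        3600 IN A   203.0.113.10
_dmarc.tours.example. 3600 IN TXT "v=DMARC1; p=quarantine; rua=mailto:dmarc@tours.example"
tours.example.        3600 IN TXT "other-service-verification=" "PLACEHOLDER_TOKEN_2"
"""

# Matches "<provider>-verification=<token>" style ownership records.
VERIFICATION_RE = re.compile(r"^([a-z0-9-]*verification)=(.*)$", re.IGNORECASE)


def parse_txt_records(zone_text):
    """Return (owner_name, value) for every TXT record in the zone text.

    Assumes the full five-field form on each line; lines with other record
    types, blank lines and ';' comments are skipped. Multiple quoted strings in
    one record are concatenated, as resolvers and SPF checkers do.
    """
    records = []
    for line in zone_text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(None, 4)
        if len(parts) < 5 or parts[3].upper() != "TXT":
            continue
        owner, rdata = parts[0].rstrip("."), parts[4]
        records.append((owner, "".join(shlex.split(rdata))))
    return records


def audit_txt_records(zone_text, domain):
    """Summarise who the zone trusts for `domain`.

    Returns a dict with:
      verifications: {record prefix -> token} found at the apex
      spf_includes:  hosts allowed to send mail as the domain
      spf_all:       the SPF 'all' qualifier (e.g. '-all'), or None
      dmarc_policy:  the DMARC p= value, or None if there is no _dmarc record
    """
    summary = {"verifications": {}, "spf_includes": [],
               "spf_all": None, "dmarc_policy": None}
    for owner, value in parse_txt_records(zone_text):
        if owner == domain:
            match = VERIFICATION_RE.match(value)
            if match:
                summary["verifications"][match.group(1)] = match.group(2)
            elif value.lower().startswith("v=spf1"):
                for term in value.split()[1:]:
                    if term.lower().startswith("include:"):
                        summary["spf_includes"].append(term.split(":", 1)[1])
                    elif term.lower().endswith("all") and len(term) <= 4:
                        summary["spf_all"] = term
        elif owner == "_dmarc." + domain and value.lower().startswith("v=dmarc1"):
            for tag in value.split(";"):
                key, _, val = tag.strip().partition("=")
                if key.strip().lower() == "p":
                    summary["dmarc_policy"] = val.strip()
    return summary


if __name__ == "__main__":
    report = audit_txt_records(SAMPLE_ZONE, "tours.example")
    for prefix, token in report["verifications"].items():
        print(f"ownership proof : {prefix} -> {token}")
    for host in report["spf_includes"]:
        print(f"may send mail   : {host}")
    print(f"SPF all         : {report['spf_all']}")
    print(f"DMARC policy    : {report['dmarc_policy']}")
```

Run it against an export of your own zone (most DNS hosts can export master-file format) and the output is exactly the list the article argues a business should publish: every outside party that has been given a standing grant on the domain. A `spf_all` of `+all` or a missing DMARC record are the two findings worth fixing first, since both let anyone send mail as the domain.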
This helps me see what people are looking for, so I can write more content to suit them. Nobody asked for this article, but I’m writing it anyway.
Advertising Methods That Will Probably Send Us Broke
I listened to an episode of the Ecommerce Fuel podcast several years ago, where they were interviewing a guy who was trying to grow a male grooming brand using only first-party data (no Google tags, no Google tracking scripts, no Meta tracking pixel etc.).
I recently checked in to see if there were any updates. They almost folded and decided to start using 3rd party tracking again.
It does seem foolish for me to be trying the same thing.
However, I’m not in the direct-to-consumer retail business, where advertising drives the bulk of sales and where bid/auction advertising markets are super aggressive. Being a service business, I should also have better margins.
I hope I can weather this change. But if I can’t, the next step is to try more offline advertising and more trade shows, before resorting to reimplementing 3rd party tracking.
If I ever do reimplement 3rd party tracking, I’m going to introduce a pop-up similar to the GDPR cookie notices you see a lot, but it will be a bold confession of what we’re doing and a recommendation to install tracking blockers. I know that most of these warnings will go unnoticed, but at that point it is certainly a consent based model, not the current common model of praying for ignorance, and preying on ignorance.
We’re still in the process of this changeover, so if you’re reading this when it first comes out, we may not have finished.
Google Ads – Without Tag Manager and Conversion Tracking
We’re not giving them any more of your data than what they already have.
At the time of writing this, I’m in the process of removing all conversion tracking tags and everything else related to having a performance based campaign within Google Ads.
This will hurt our advertising a bit, but our campaigns have always been pretty basic. On the rare occasions that we do run a Google Ads campaign, most of that traffic is derived from pre-set maximum CPC bids, and not performance based bids which require conversion tracking.
Meta/Facebook Ads – Without Tracking Pixel or Audience Uploads
Quite frankly, this one is a bit of a bitch.
Facebook retargeting is one of the cheapest effective advertising methods available on the planet.
And we’re not doing it.
Retargeting is where you visit a website, then when you’re next on Facebook you see an ad for the same product/service.
All these ad platforms work on an auction format. For example, when someone types “tag along tour” into Google, I make a bid for how much I’m willing to pay for my ad to show up first. If someone outbids me, I miss out.
But because I’m paying to advertise to someone who has been on my website and no one else is allowed to do that, I’m not in a bidding war. That, plus the fact that it’s warm traffic who are already familiar with your offering, makes it a very profitable advertising strategy.
You can also upload your customer list into Facebook and it will create an audience you can target. It can then create a lookalike audience of people who are similar.
I do not upload all my customer data to a company whose sole business model is using your data to charge 3rd parties to advertise to you.
A Call to Arms?
If you run a business that has an online component, list what trackers you use and where you store your customer data.
If you’re not willing to list your tech stack, what does that say about the software choices you’re making?
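Listing the trackers on your own site starts with knowing which script tags are actually in the page: the Google Analytics snippet described earlier is one `<script>` tag pointing at a Google host plus a few inline lines, and a self-hosted Plausible script points back at your own domain. The script below is an added example, not the site’s own code: it parses a page’s HTML, separates first-party script hosts from third-party ones, names the third-party hosts it recognises, and flags the inline `gtag(` / `fbq(` loaders that tracking snippets leave behind even when their external script is renamed. The sample HTML is constructed; the subdomain `stats.roughasguts.com.au` for a self-hosted Plausible instance and the measurement ID `G-XXXXXXX` are placeholders, and the recogniser list covers only the platforms this article mentions.

```python
"""List the script hosts and known tracker snippets in a page's HTML.

Added example for this article (not the site's own tooling). Feed it the HTML
of one of your own pages plus your own domain; it returns which hosts may run
script in your visitors' browsers and which of those are known trackers.
The sample page, its subdomain and its measurement ID are constructed.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hostname suffixes of the tracking platforms discussed in the article.
# Deliberately short and hand-maintained; extend it for your own audit.
KNOWN_TRACKERS = {
    "googletagmanager.com": "Google Tag Manager / gtag.js",
    "google-analytics.com": "Google Analytics",
    "connect.facebook.net": "Meta Pixel",
    "plausible.io": "Plausible (hosted)",
}
# Function names that analytics snippets call from inline script.
INLINE_MARKERS = {"gtag(": "Google Analytics (gtag)", "fbq(": "Meta Pixel"}


class ScriptCollector(HTMLParser):
    """Collect external script src values and inline <script> bodies."""

    def __init__(self):
        super().__init__()
        self.external, self.inline = [], []
        self._in_script, self._buf = False, []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:                      # inline body follows; HTMLParser delivers it raw
            self._in_script, self._buf = True, []

    def handle_data(self, data):
        if self._in_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_script:
            self._in_script = False
            self.inline.append("".join(self._buf))


def _host_of(src):
    """Hostname of a script src; '' for relative (first-party) paths."""
    if src.startswith("//"):       # protocol-relative URLs have no scheme
        src = "https:" + src
    return urlparse(src).hostname or ""


def _tracker_name(host):
    for suffix, name in KNOWN_TRACKERS.items():
        if host == suffix or host.endswith("." + suffix):
            return name
    return None


def audit_trackers(html, own_domain):
    """Classify every script in `html` relative to `own_domain`.

    Returns {'first_party': set of hosts, 'third_party': {host: name or
    'unknown'}, 'inline_flags': set of tracker names seen in inline script}.
    """
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    result = {"first_party": set(), "third_party": {}, "inline_flags": set()}
    for src in parser.external:
        host = _host_of(src)
        if host == "" or host == own_domain or host.endswith("." + own_domain):
            result["first_party"].add(host or own_domain)
        else:
            result["third_party"][host] = _tracker_name(host) or "unknown"
    for body in parser.inline:
        for marker, name in INLINE_MARKERS.items():
            if marker in body:
                result["inline_flags"].add(name)
    return result


# Constructed sample page: a GA snippet, a Meta pixel loader, a self-hosted
# Plausible script (placeholder subdomain) and an ordinary first-party script.
SAMPLE_HTML = """
<html><head>
<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXX"></script>
<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('js', new Date());
  gtag('config', 'G-XXXXXXX');
</script>
<script defer data-domain="roughasguts.com.au" src="https://stats.roughasguts.com.au/js/script.js"></script>
<script src="/assets/site.js"></script>
<script src="//connect.facebook.net/en_US/fbevents.js"></script>
</head><body></body></html>
"""

if __name__ == "__main__":
    found = audit_trackers(SAMPLE_HTML, "roughasguts.com.au")
    print("first-party hosts :", sorted(found["first_party"]))
    for host, name in sorted(found["third_party"].items()):
        print(f"third-party host  : {host} ({name})")
    print("inline snippets   :", sorted(found["inline_flags"]))
```

Anything reported as `unknown` under third-party hosts is the interesting line: it is a host you are letting run code on your visitors’ browsers that the recogniser cannot name, so it belongs on the published list until you have worked out what it is. The parser only sees script tags present in the fetched HTML, so scripts that other scripts inject at runtime (Tag Manager’s whole purpose) will not show up; for those, the browser’s network panel is the audit tool.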