HomeDev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunityDoc feedbackLog In
GitHubNuGetDev CommunityDoc feedback

This is an important part when [managing GDPR compliance](🔗).

`IGDPRConventions` and `ITrackSanitizerPatternRepository` are used for adding the filtering.

## Conventions

`IGDPRConventions` has these methods.

Set patterns to remove GDPR data from a search query.public virtual void SetGDPRPatterns(List<GDPRPattern> gdprPatterns)
Get the GDPR patterns to be removed in a search querypublic virtual IEnumerable<GDPRPattern> Get<br><br>GDPRPatterns()
Delete the GDPR data in the search query that matches the patterns.public string RemoveGDPRDataInQuery(string queryStringQuery)

## ITrackSanitizerPatternRepository

The `ITrackSanitizerPatternRepository` has these methods.

**Method description****Sample**
**Add patterns to remove PII data from search query**
Add single patternpublic string Add(TrackSanitizerPattern pattern)
Add multiple patternspublic void Add(IEnumerable<TrackSanitizerPattern> patterns)
**Update patterns to remove PII data from search query**
Update single patternpublic string Update(TrackSanitizerPattern pattern)
Update multiple patternspublic bool Update(IEnumerable<TrackSanitizerPattern> patterns)
**Get patterns to remove PII in search query**
Get all patternspublic IEnumerable<TrackSanitizerPattern> GetAll()
Get a pattern by Idpublic TrackSanitizerPattern Get(string patternId)
**Delete PII data in the search query that matched the patterns**
Delete pattern by Idpublic void Delete(string patternId)
Delete all patternspublic void DeleteAll()

## Example

The patterns support plain text, wildcard, and regex. Here are some example filters.

  • Full name – “John Smith”, “Steven” …

  • Keyword contains email – “\*@gmail.com”, “\*@yahoo.com” …

  • Regex string – “\\w+([-+.]\\w+)\*@\\w+([-.]\\w+)\*\.\\w+([-.]\\w+)\*” …

The `_statisticsClient.GetGDPR()` API only support exact term search due to limitations of statistics indexes.

## Install and verify

The steps below describe how to implement and verify the PII filtering.

  • CMS Alloy sample site (for CMS 11 and Commerce 13) [installed from the Visual Studio Extension](🔗). See also [Installing Optimizely .NET5](🔗) for CMS 12 and Commerce 14.

  • Optimizely Search & Navigation [service URL and default index name](🔗), for example `http://es-api-test01.episerver.com/>\<PRIVATE_KEY>`.

  • Optimizely Search & Navigation [client-side resource base URL](🔗), for example `https://dl.episerver.net/13.2.0`.

  • Optimizely Search & Navigation 13.2.0

### Install packages

  1. In Visual Studio, set the default project to `Templates.Alloy`.

  2. Install the following NuGet packages (use the “-pre” option to get the latest development package).

    • _Find.Cms_

    • _Find.Statistics_

  3. Open the Alloy _web.config_ file and update the following entries: 

    • In the \<episerver.find> tag

      • `serviceUrl`

      • `defaultIndex`

    • In the \<episerver.find.ui> tag 

      • `clientSideResourceBaseUrl`

    • In the \<appSettings> tag

      • add an item with key `episerver:Find.TrackingSanitizerEnabled` and value true

  4. Access Admin Mode and add a GDPR test page. a. Go to CMS > **Admin** > **Content Type** tab > **Page Types** > **[Specialized] Start Page** > **Settings**.

b. Click **Available Page Types** and check  **[Specialized] Find GDPR API Demo Page** and click **Save**.

  1. Go to the CMS **Edit** > navigation panel > **Pages** tab > **Start** branch of the tree structure.

  2. Create a GDPR Search page and publish it.

  1. Return to CMS > **Admin** view.

  2. Under **Scheduled jobs**, click **Optimizely Find Content Indexing Job** and start that job manually.

### Verify

In these steps, you perform a search, delete the GDPR-related data, and add a filtering pattern to prevent it from being indexed.

  1. Open the GDPR Demo page created in the previous steps. Clear the GDPR pattern settings to verify that the tracking function runs well.

  1. Go to the search page and execute a search with some keywords.


  1. Go to the GDPR Demo page and review the displayed data.



  1. Delete the existing GDPR data and set patterns to prevent it.


  1. Search again and recheck for the GDPR data. This should now be filtered out.