> * Security vulnerabilities and how Northpass security team approaches them in relation to having Northpass platform under Pipedrive domain (learn.pipedrive.com)
> * Cookies that should be included in OneTrust, user preference to be respected. We have had a conversation with Norm around this but want to confirm we’re all good
> * Deletion of data - how is this working on the Northpass side (for user account created for learn.pipedrive.com). Northpass has already confirmed it’s possible but we need to document how
> *Data Meeting*
> * Understand what Northpass-Segment integration does out-of-the-box. From there establish if there are any gaps and if so how we can bridge them.
> * Find out what data we could bring to Pipedrive DW from Northpass native tracking and how. Things like course stats and other learning XP related items.
> * Establish what role information we pass through our SSO plays in data flows.
Lukasz: we don't have those events, but we can try to build them. Since this is a customized school, events are not being tracked as much. We may be able to pass this information.
Norm: What is the tracking unique identifier? Session ID? User ID?
> Pipedrive will create the unique ID, or passing in a pipedrive owned identifier that can be passed to segment. They will have to define what attributes and data points that they will want in the warehouse. To add, Segment can track when there is no clear user identification. Segment has a mechanism of "anonymous ID" and try to persist it in the cookie. They can use this for non-known users.
For Northpass, most of the time, users will have identifiers. If they come from Pipedrive - they will have the Pipedrive ID. If from Northpass, our UUID will be passed. We need to ensure that param is passed. This would be ideal instead of trying to rely on the anonymous ID.
Some clarification from Bjorn: are we discussing a scenario of segment tracking within all Northpass web content? Right now, design is fully under Northpass control. This makes them a little less confident, because they want to make sure it is totally trackable.
Third point: There is some native tracking. Is there a point at building everything up via Segment? Such as Course Completion, are these being passed via events? We have some webhooks, but what do they mean by "events"?
* Can OneTrust share consent snippet across pages? Main snippet is from Pipedrive.com, but it would carry over to other sites from the source snippet.
* Will we know who *hasn't* given OneTrust consent? We could create a boolean prop to show who has or hasn't given consent.
* Are they/can they tie this into Consent and Privacy Policies as dictated by Pipedrive? Good question (Kaisa) and this will need to be brought up in their meeting next week.
* Would it be possible (or are they considering) to extend their Cookie Banner into Northpass? Yes, they are.
What are the options to get the data out of Northpass and into their warehouse?
DONE: Bjorn our data schema. Send him our 3-4 options in an email so he can read through the options. The options I provided were Encrypted Dump into S3 bucket (Flink), Secure Data Transfer, Webhooks (not ideal), and Snowflake/Look for customers who are also on Snowflake or Looker.
## 01/03/2023
### Content & Uploading
Video Promo URL not embedding correctly? Why? iFrame wasn't working, but she was using embed URL not single http:// url.
