Back to blog

How to capture the whole customer journey when dealing with secure member areas

Analytics Data privacy & security

Written by

Published April 30, 2018 · Updated May 23, 2024

How to capture the whole customer journey when dealing with secure member areas

In this article we guide you through all the important aspects of tracking user activity in post log-in areas of your website.

One of the most important goals of today’s marketers is to capture their clients’ customer journey from start to finish.

The term customer journey has become even more popular than content marketing and mobile marketing – one of the most important trends in recent years.

A survey conducted by Econsultancy for Digital Marketing Trends shows that most companies view capturing the customer journey as the single most exciting opportunity for 2018.

It is also said to be one of the most effective ways to understand what turns a viewer into a long-term, loyal customer. And many studies indicate that focusing on the needs of existing customers (rather than prospective ones) can generate considerable profits for every organization.

A report from Bain & Company states that a 5% boost in customer retention can lead to as much as a 95% increase in profitability.

And a 2012 study from Adobe discovered that:

  • on average, the top 10% of your customer base spends three times more per order than your average customer,
  • while the top 1% spends five times more per order.

So, there’s a lot to gain with the right approach to customer lifecycle marketing.

Data is the key

However, in order to be able to implement this type of strategy in your company, you need a fair amount of valuable data about your users and their behavior at each touchpoint. One of the most important tools for achieving this goal is web analytics. Unfortunately, finding the right solution for this task can be a big problem.

Why? Because a huge part of your customers’ activities takes place in post-login areas on your website. Depending on the industry you operate in, secure member areas are where your customers order your products, buy new services, schedule appointments, or check their credit card balance.

And as you probably know, internal areas of websites are filled with personal and in some cases even sensitive data about your users: home addresses, telephone numbers, names and surnames, and sometimes even medical records or credit scores.

If you decide to analyze and use this information, you must be sure that you are doing it with software that provides the highest level of security.

After all, breaches of sensitive data can blow a hole in your company’s reputation. And they’re also really expensive.

One of the most recent data breaches in the finance sector serves as a great example. In September 2017, the credit reporting agency Equifax announced that hackers may have compromised their system and accessed the personal information of 143 million Americans.

Now the agency estimates that costs related to this massive data breach will surge to $275 million this year. This means that the incident at Equifax could turn out to be the most costly hack in corporate history.

Ouch, right?

Why most web analytics software isn’t up to the task

The main difficulty is that most of the analytics solutions available on the market operate in the cloud environment.

And as you probably know, using software in the cloud means you’re storing your data on third-party servers located… somewhere on planet Earth. Also, it involves sharing data with your web analytics provider. In some cases (for example, with Google Analytics) the data may be even used by your vendor to improve their products and services.

This isn’t a big for regular marketing websites or apps. However, with secure member areas things get way more difficult. You simply can’t afford the risk.

IMPORTANT! Don’t forget about the provisions of GDPR – the new European data privacy Regulation that will change many things about the way you process user data. However, the topic is so broad and complex, we just want to signal it here and direct you to a couple of blog posts we’ve recently put together:

That’s why it’s important to ensure you retain the maximum level of control over tracked data. One of the best safeguards in this case is keeping the data on your own infrastructure. This means you don’t have to share it with anyone else. What’s more, it will allow you to implement additional security measures such us Single-Sign-On, data encryption, or Change Log, ensuring your data is safe and sound.

The problem is especially acute with client areas of e-healthcare systems and financial institutions. After all, these industries are strictly regulated by sectoral laws – in the case of healthcare institutions there is HIPAA regulation, while financial institutions are subject to:

  • Payment Card Industry Data Security Standard (PCI DSS),
  • GLBA Safeguards Rule,
  • Gramm-Leach-Bliley Act (GLBA),
  • Dodd-Frank Wall Street Reform and Consumer Protection Act,
  • Sarbanes-Oxley Act (SOX),
  • …and several more.

If you would like to learn more about the rules of data processing in these industries, we invite you to visit the dedicated subsections on our blog: Healthcare and Banking & Finance.

What are my options?

At this stage, many companies that have understood their need for secure analytics ask themselves if they should build their own on-premises analytics software, or look for a reliable vendor. Both options have their strong advantages.

If you go for the first one, you receive a final product tailored to your specific needs and requirements. After all, it was built for you and no one else. That said, IT resources are often in very short supply for most companies.

So if you go with a tool built in-house, chances are high that you’ll get software with very limited reporting capabilities and no integrations with other modules in your marketing stack – this includes your customer data platform, data management platform, email marketing system, or any other solution you use on a daily basis.

That’s why in some cases, it’s worth considering a ready-made on-premises web analytics solution. Unfortunately, most of the options available on the market won’t meet your standards, but there are a few of them that will.

For one, Piwik PRO offers an on-premises model where our platform is installed on your own account within one of our certified providers (Microsoft Azure, Orange Cloud, Elastx). We also offer two private cloud options (dedicated database and dedicated hardware) that offer many capabilities similar to traditional on-premises solutions.

By going for one of these web analytics options, you ensure none of the collected data is shared with third parties and that appropriate security and privacy policies are followed. And like we’ve said before, you can encrypt data or use your preferred SSO authentication method to tightly restrict access to your web analytics data. Just like with tools developed in-house.

But what often makes them a better option is the wealth of integrations they offer and their ability to combine data from different sources.

What you can do with the right software

For instance, Piwik PRO Analytics lets you not only track the behavior of your customers in secure member areas. You’ll also be able to link it with their activities from before they’ve logged in to see their whole journey.

And then, thanks to advanced reporting, you’ll be able to visualize this data inside your Piwik PRO instance using the BI tool of your choice.

What’s more, you’ll also be able to use this data in a secure ecosystem of on-premises marketing tools. The Piwik PRO Analytics Suite consists of five more products:

What’s next are some examples of Piwik PRO Analytics and other products in our offer being put to use. We will present use cases related to the healthcare and finance industries – two of the most demanding sectors when it comes to privacy:

Increasing patient engagement via personalized recommendations

You lead a project team tasked with increasing patient engagement with your e-health platform. The specific target is to reduce the number of inbound phone calls asking for information that can be easily accessed online.

To do so, you deploy the Piwik PRO Customer Data Platform and On-site Retargeting platform. Based on feedback received from the customer service department about the most frequently asked questions, you set up the following personalization campaigns:

  • A pop-up reminding patients about their yearly checkups. You import data containing the latest appointment dates into the Piwik PRO Customer Data Platform, where you define audiences and use them to configure the campaign inside Piwik PRO On-site Retargeting.
  • A second pop-up reminder about an upcoming visit or video consultation with a doctor whenever a patient logs into the platform.
  • Recommendations of other services offered by your organization via a patient engagement platform based on patient records and previously consumed content.

The results: Your content personalization campaigns result in 30% fewer phone calls, higher engagement with your platform’s content, and a 20% raise in the number of services being upsold and cross-sold via your platform.

Promoting your premier banking service to the right audience

Your client has $50,000 in their account, which qualifies them for a premier checking account with additional benefits. With your web analytics and personalization tool (also a part of the Piwik PRO Analytics Suite) you can generate a personalized pop-up to encourage them to apply for the account with information about your special offer.

The results: Your marketing efforts are more effective as you’re able to differentiate your offer, personally connect with your audience, and improve their experience with your brand.

Tracking users in secure member areas – some conclusions

Understanding your users’ total customer journey is the key to creating better marketing campaigns, mastering your products and services, and building lasting relationships with clients.
However, this should never come at the expense of the security of your clients’ data. Fortunately, it doesn’t have to be that way.

We hope we’ve convinced you that tracking activities in secure member areas can be done safely when you use the right software. If you have any more questions about secure data processing, contact our team – we’re happy to help!

Contact us


Karolina Lubowicka

Senior Content Marketer and Social Media Specialist

An experienced copywriter who takes complex topics of data privacy & GDPR and makes them understandable for all. LinkedIn Profile

See more posts by this author