Epicor 10.2 automatically enables telemetry to collect system data in order to improve the quality of Products & Services, Analyze Trends and Troubleshoot Issues. It does that by collecting Licensing Info, Product Usage and Non-Personal Data. You have the option to Opt-Out.
As you upgrade from 10.1 to 10.2 you may be greeted with the following message during your Application Server Deployment.
If your Company locality in the Admin Console is set to China or Russia, you unfortunately will not be able to participate.
Where Does The Data Go?
Epicor uses Azure Application Insights. System Admins you might notice frequent pings to dc.services.visualstudio.com or dc.applicationinsights.microsoft.com
What Data is Collected?
For each telemetry event Epicor collects Event Time, Event Name, Device Type, Company ID, User ID (Hashed non-identifiable), Session ID, License, Client IP Address, City, State, Country, Operating System, Computer Name (Cloud Instance) and Epicor Version .
NOTE: The IP Address may no longer be included, there are posts about Azure stripping the IP Address in order to comply with GDPR. I assume the GeoLocation Data such as City, County came from the IP Address - Epicor is not transmitting it
Complete JSON REST Call may look like this
Company, License ID and Enabled Modules
Collects the data about companies, purchased licenses and modules.
Started Client Session
Collects the data about started session.
Collects the data about errors on the server side. This includes Failed Methods and Stack Traces.
Collects the data for any server request sent from client and server.
Collects the data about recently opened and closed programs.
Clicked Action Menu or Toolbar Item
Collects the data for Action Menu or Toolbar Item.
Activated Tabs or Sheets (Pages)
Collects the data about recently opened tabs and page views.
Active Home Page Usage
Collects data about Active Home Page usage.
Epicor Data Discovery Usage
Collects data about Epicor Data Discovery usage such as Open EDD Views and Time spent on EDD Views.
Why is Epicor Collecting Data?
It has nothing to do with spying on you, it is merely performance data in order to better understand how to prioritize their resources and support.
Rest assured your keystrokes and data is not being transferred.
How to Opt-Out?
Before you make the decision to opt-out know that sending telemetry data is merely diagnostics information and Epicor can make better investments based on the analytics they receive. Everyone benefits at the end You, Community, Partners and Epicor by sending telemetry data they can look for bottlenecks in Business Object / REST Calls and let’s them know that something should be done, since data doesn’t lie.
In addition, they can see which Forms and Reports are used the most and prioritize their backlog.
Rest assured your keystrokes and data is not being monitored. Application Insights / Telemetry is not just used by Epicor! It is wide-spread and probably even the device you are reading this on is sending some kind of metadata to its developer.
If you or your company still feel uncomfortable sending telemetry data, here is how you opt-out:
You can opt-out by using the Admin Console and navigating to the Application Instance’s Companies Section. Epicor will continue to send telemetry for each client that has an active session, once you restart for example your Epicor Client, the Client will no longer send telemetry data. There is no IIS Restart required.
Your Own Research?
If you would like to do your own research, you can download Fiddler and monitor your HTTPS traffic.