FI116170B - Method of conveying return information from a feedback system, as well as data transmission system - Google Patents

Description

116170

A method for transmitting feedback from a feedback system and a data transmission system

Description of the Invention 5

The present invention relates to a method of transmitting feedback from a feedback system to a terminal without identifying a person's identifier when transmitting feedback, wherein the personally identifying information is collected by a collection device, wherein the collection device reads a personal identifier associated with wherein, based on the anonymous identifier, the identity of the person and the means of identification are not determined, and said anonymous identifier 15 is used to convert the collected personally identifiable information into anonymous information, wherein said anonymous information and anonymous identifier is transmitted from the The invention further relates to a data communication system comprising a personal identification means 20 comprising a personal identification device, a collection device comprising means for collecting personal information, and means for collecting personal information based on said identification means and Y, 'identifier, processing device, data network. “F for transmitting data to a processing device, terminal, service provider,

• I I

/ 25 means for generating a unique, one-way anonymous identifier based on the person identifier, means for converting the collected personal information to anonymous information based on said anonymous identifier, and means for anonymous information: j ": 30 for transmitting and storing in a processing device.

> I »

BACKGROUND OF THE INVENTION [0003] Y: Various systems of communication currently employ various means of identification by which individuals can report information relating to the system itself. Such identification means are various membership cards, 2 116170 which are, for example, chain store, organization, company, etc. In such a case, when a person performs an operation in a system affiliated with the system, the identification means, such as 5 personal data, . One non-limiting example of such an event is shopping at a retail store. When a person pays for their purchases, the person's identification device, such as a customer card, is read to the cash register. In addition, purchase-related information such as purchased goods, their price, total purchase price, place and time of purchase, vendor information, etc., is stored on a suitable communication medium, which is preferably stored in a database. This information can then be combined to provide statistical information on the different locations, the shopping behavior of 15 people, etc. However, the problem with such a system is that in many countries the law restricts the collection and processing of personal data. In such cases, the person may be asked for permission to collect the data. Unless a person consents to this, the information collected about a person's behavior may not contain any personal information. In this case, the value of using the system for the system administrator decreases because, for example, advertising cannot be targeted to specific individuals. On the other hand, there is no information about / '· «. what types of people have purchased certain items, eg are there men, women, what is the age of the buyers, wealth, income level, etc. In addition, the same person may hold cards from various organizations, the importance of member offers is diminishing: · · · · · · · · · ·: decreasing as the individual cannot be very easily engaged with the services of a particular organization.

* »» I

: 'γ 30 Patent application US-2002/0019764 discloses a system and, -L. a method for performing operations on an Internet computer network in anonymous form, that is, without the need to transmit personally identifiable information within the system. The individual may log in anonymously to a closed data network and browse the services provided in that closed data network, etc. The system may then store various behavioral information in the system in a user profile, but this information does not allow the correct identity to be identified. The person has entered into a service contract with a trusted service provider, which allows the person to log on to the system through the service provider's server or equivalent. The system is based on the fact that the person 5 logs on with a user name and password that he / she has defined. It is advisable to select these in such a way that the identity of the individual cannot be determined. However, in practice, the individual must configure the user settings on his or her workstation with which the service provider contacts the system. 10 These user settings are therefore not the same as the user-defined user name and password. Based on user settings, the system knows that this is the person who has access to the system. In this case, identifying information about the person may also be collected, or if an untrusted party accesses the server, this information may be traced and associated with the person's username. In addition, if a person wishes to switch to browsing services outside of said closed network, etc., at his workstation, the individual will in some cases have to disclose his or her identity, e.g., to make purchases through the network.

20

Summary of the Invention

It is an object of the present invention to provide a method and system for collecting a person's behavior.

• · I

: 25 information in such a way that the information collected about a person cannot be linked to that person in any situation. The invention is based on the idea of forming a unique and one-way anonymous identifier based on the information contained in a person's identifier.

;: · Unidirectional in this context means that, based on the anonymous identifier, it is virtually impossible to determine the identification means to which the anonymous identifier relates. Such a unique, one-to-one identifier can be formed, e.g. hash functions. Specifically, the method of the present invention is essentially characterized in that, for transmitting 35 feedbacks based on said anonymous identifier, a person is provided with a trigger on the anonymized information of the service provider's feedback system, including information about one or more anonymous identifiers as an anonymous recipient, where: - the person enters a personal identifier into the terminal, where the personal identifier is converted into a one-way anonymous identifier, which is used as the person's user ID, - transmits said user ID to the feedback system, and - sending feedback from the feedback system associated with said excitation ä using the aforementioned data connection.

The system of the present invention is essentially characterized in that the system further comprises: - means for determining an excitation on the provider's feedback system based on anonymous information, to which the information from one or more anonymous identifiers to anonymous recipients is provided based on the personal identifier entered, wherein the anonymous identifier calculated on the terminal is provided for use as a person's user ID: - transmitting means for transmitting the user ID generated in the terminal to the feedback system, the system further comprising;;: * - searching means on the UE; 30 to search for matching stimuli in the feedback system and - transmitting means for transmitting feedback associated with the searched excitation to the terminal.

The present invention provides significant advantages over prior art solutions. The arrangement of the invention enables relatively easy and reliable data collection without compromising the disclosure of the individual's individuality. In this case, the person may use his or her own means of identification, and yet information about the person's behavior may be collected anonymously. The solution of the invention avoids selecting a separate anonymous identifier for a person. The person himself does not need to come up with an anonymous identifier. The system according to the invention can be applied even in connection with already existing systems by using the existing identification means by making only the necessary additions and modifications to the system. The invention enables, for example, advertising targeted to the characteristics of a person-to-woman, although the individuality of the person is not known in the system. In this case, systems developed by trade groups, organizations and other service providers will benefit the system administrator by reducing the need to provide various advertisements, newsletters, etc. to persons who are not interested in them or for any other reason cannot benefit from them. This also reduces system running costs. Individual privacy can be almost completely guaranteed in the system.

20

The invention enables e.g. interactive anonymous data communication '.j. the relationship between the merchant and the customer is based on the buyer's actual purchasing behavior.

* * · ;; t: 25 The term "person" in the context of this invention does not necessarily mean one physical person, but may be a community, a family, a family, an individual, a couple, or some other entity.

The invention will now be described in more detail with reference to the accompanying drawings, in which Figure 1 illustrates a system according to an advantageous embodiment of the invention in a reduced diagram, Figure 2 illustrates a collector device according to a preferred embodiment of the invention Fig. 4 is a simplified diagram of a method of collecting feedback and measuring data output according to another preferred embodiment of the invention, of collecting data based on an anonymous identifier in a method according to a preferred embodiment of the invention; 6 is a schematic diagram showing the generation of 15 anonymous identifiers used in a method according to a preferred embodiment of the invention; a and forwarding the message using an anonymous identifier.

The system 1 according to Figure 1 preferably comprises at least a collecting device 2, a processing device 3 and a data transmission channel 4 for transmitting data generated on the data collected by the collecting device 2 to the processing device 3. It is clear that the system 1 in Figure 1 is only a wherein the method of the invention can be applied. For example, collection devices 2 typically have several tens, hundreds, or even several thousands in one system. The communication channel 4 comprises a data network 4.1, such as a telecommunication network or the like, in which information can be transferred between devices as is known per se. The data network may also comprise, for example, an Internet network 4.2, whereby data can be transferred almost infinitely, regardless of where the collecting device: · the devices 2 and the processing device 3 are located. It is also clear that the number of processing devices 3 is not limited to a single device, but may be more than one. Preferably, however, data can be transferred between different processing units and one processing unit can be configured to control other processing units, if necessary.

The collector device 2 also comprises a memory 2.2 for at least temporarily storing various data required for the operation of the collector device and read from the identification device 5. . Further, the collecting device 2 5 has a processor 2.3 for controlling the operation of the collecting device. Preferably, the collection device further comprises a display 2.4 and one or more keyboards 2.5, 2.6 or a similar data input device. In this embodiment, the collection device 2 is a cash register or the like comprising a first 2.5 and a second keyboard 2.6 and an encoded data reader 2.7. With the first 10 keyboards 2.5, the cashier can enter the information needed at the point of sale. The second keypad 2.6 is mainly intended for use by the customer in this example, whereby the customer may enter a Personal Identity Number (PIN) corresponding to his own means of identification, without the need for a separate written signature. The Koo-15 data reader 2.7 is, for example, a bar code reader, a magnetic data reader, or even a device capable of remote reading, such as a so-called. RFID reader reader. Using this coded data reader 2.7, the cashier can read the customer's purchased goods into the collector 2. It is possible that the collector has several different coded data readers 2.7. The identification means reading device 2.1 is, for example, a device suitable for reading a smart card, ', j, a magnetic stripe card and / or other similar identification means. Devices suitable for remote reading can also be used in this context. In a preferred embodiment, the human ·: The mobile phone subscriber card, i. SIM-card. In this case, data transfer can be performed e.g.

via a cellular network (not shown), or for use in short-range wireless communication such as radio frequency or optical data transmission; · Via donation means (not shown).

30

The collection device 2 also comprises communication means 2.8 for transmitting information from the collection device 2 via the communication network 4 to the processing device 3.

The operation of the method according to a preferred embodiment of the invention in the system of Fig. 1 will now be described with reference to FIG. An example of an event from which personal information is to be collected is the purchase transaction. In this case, the person, the customer, collects the goods to be purchased in the shop and then goes to the cashier to pay for those goods. Customer 5 is presumed to have an identification means 5, such as a credit or debit card, or a customer card of the trade or merchant concerned. In connection with a payment transaction, the customer provides the identification means to the cashier person, which places the identification means 5 on the reading device 2.1 to read at least part of the information stored on the identification means 5 on the collecting device 2. The remote reading device does not need to be placed on the reading device 2.1.

The identification means includes, for example, a reading set (Fig. 3) or another identifier 6 identifying the identification means 15. The identifier 6 is read into the collecting device 2 and stored in memory 2.2 (block 401 in the diagram of Fig. 4).

The cashier begins to record the purchases on the collection device 2, e.g. with the first keyboard 2.5 and / or the coded data reader 2.7. The price information may be stored in the cash register system 7 of the shop, whereupon the collection device 2 reads the identifier of the purchased item, if necessary the quantity, weight or other unit on the basis of which the price is determined. The collection device 2 can determine from the cash register system 7 the unit price, whereby the total price of the purchased product can be calculated. After all * I ·; :: 25 items to be purchased are recorded on the collection device, the total purchase price can be calculated and a receipt is printed (block 402). The customer may make the payment either in cash or by using the said means of identification, provided that a function enabling the payment is included. If the identification means is also used for payment, the identifier of the identification means of the payer 30 and the total amount of purchases are sent from the collection device 2 to the respective payment system 8 (block 403). In this case, the payment will be debited from time to time on the customer's account or an invoice will be sent to the customer. Thus, in order to charge the transaction, the identification device 2 must be sent from the collection device 2; V: the payer can be identified. However, this identifier is not sent: in 35 systems, to a location where information about the customer's individuality may not be included. In the system of Figure 1, the conceptual device 3 is assumed to be such a device that collects statistical data and the like but does not process personally-related data.

The collector 2 can thus collect a variety of transaction information in addition to the price-5 information. In this case, for example, it is possible to find out the stock situation in substantially real time. Predicting product sales in advance can also be facilitated by researching past product sales. In addition, by combining different data, purchasing behavior profiles, etc. can be created. By gathering data on a plurality of collecting devices 2 and over a relatively long period into the processing device 3, more detailed statistical analysis can be performed based on various criteria.

As previously mentioned in this specification, the collection of personal-females-15 data is prohibited in some countries, so according to the present invention, anonymous identifier 9 (Figures 3 and 4) is generated based on the identifier 6 read from the identifier means 5 to the collecting device 2. This anonymous identifier 9 is formed in such a way as to render practically impossible or almost 20 impossible to identify the identification means 5 whose identifier 6 is concerned. Such anonymous identifier 9 may also be referred to as a one-way identifier. The method of calculating the anonymous identifier is preferably such that each different identifier 6 results in a different anonymous identifier 9, i.e., * * · •:: 25 is a unique anonymous identifier. In addition, in some cases, it is preferred that the number of characters contained in the anonymous identifier 9 is substantially the same regardless of the number of characters in the identifier 6. One method of generating such an anonymous identifier is: use of hash functions. The hash function input:: 30 is the string of tag 6, and the output is anonymous tag 9. This is represented by block 404 in the diagram of Figure 4. Once the anonymous identifier 9 has been determined and the transaction has been completed, the information collected from the transaction 'If *', except for the V identifier allowing the purchaser to be identified, may be sent together with the anonymous identifier 9 to the processing device 3 (block 405). In the processing device 3, the collected data can be stored and used, for example, for statistical analyzes. Conceptual data may be stored in the conceptual device 3 that does not identify such persons, such as age, sex, place of residence, income, wealth, hobbies, etc. This information is preferably stored at the time 5 the person enters into the contract. system 1 administrator. For example, when a person obtains a trading card for a trade group, the person may provide the above information in the application form. The system then assigns an identifier means 6 to the person and calculates an anonymous identifier 9. The anonymous identifier 9 and non-identifiable information about the person 10 are stored in the system 1, preferably in the database 3.1 of the processing device 3. Thus, this information does not make it possible to determine a person's identity, but can be used for statistical analysis and other such activities.

15 The person's identification information is stored in another trade group database (not shown), which allows the person to be sent regular postal customer mail. In the event that the identification means 5 also includes a payment and / or credit feature, unique information for this purpose must be stored in the payment system 20.

I · «* J Information stored and configured in the processing unit 3 can be accessed * ;;; including sending feedback, announcements, advertisements, etc. to the person. This can be done using a variety of feedback channels 10, 12, such as portals in the Internet Information Network 4.2, wireless devices (mobile phones, laptops, etc.), pda devices (e.g., PDAs and notebooks), digital Channels, chip cards, etc. enabled by TV

The system assigns an anonymous identifier or identifiers to the trigger, such as age,: ': 30 wealth, hobbies, etc. In this case, the person, for example, browses through his terminal 13 sites on the Internet Information Network 4.2. The person has, by means of his or her identification means 5, or by entering an identifier contained in the identification means: to the terminal 13, completed the login, wherein the terminal 13 is; Y: Calculated the anonymous identifier and used it to identify the person. ···. 35 don as the person's username. When a person enters the service provider's home page, the processing device 3 or another service provider compares the anonymous identifier (user ID) of that person to the information of the alarms and upon detection of the same identifier, the processing device 3 may send a bulletin, advertisement, etc. to the person's terminal 13. In this case, the individual receives the information specifically addressed to him or her without ever compromising his or her individuality.

Sending messages to anonymous identifiers can also be done as follows. The user obtains an e-mail address which includes an anonymous identifier as address information, but does not include personally identifiable information. In this case, newsletters can be sent anonymously by e-mail, for example for direct marketing purposes. The person receives information about the incoming email or visits periodically to check for new email. The sender of the bulletins may set up various groups for bulk transmissions, gathering the email addresses of the ano-15 identifiers for which a particular type of bulk transmission is intended. A variety of criteria can be used to form groups, such as age, gender, etc., but do not reveal the identity of the individuals in the group.

20 There was only one example of the use of the data collected above; but it is obvious that the invention can be applied in many other areas and for the transmission of very different information.

It should also be mentioned that the impulse can also be made based on purchasing behavior. In this case, profiling is performed on the basis of the customer's actual purchasing behavior, based on which the personalized message is personalized to him or her. For example, a local retailer may make special offers, and a person may be informed of such special offers, for example, while browsing the Internet as described above. The system according to the invention enables e.g. 30 analysis of the effect of advertising and other bulletins on better and more realistic solutions than in prior art solutions, since the system according to the invention firstly identifies to which anonymous identifiers the bulletin has been sent, which anonymous identifier has read the bulletin, and what such anonymous identifier has been used, e.g., when purchasing the advertised product. 12 116170 allows the system to receive feedback and, if necessary, to change the bulletin / information policy and to continue to monitor the impact of the changes. Thus, in the system according to the invention, the principle of a kind of continuous loop can be applied in which the excitation generates feedback, which further causes, if necessary, a correction movement which generates new feedback, etc.

The method applying the above operating model is shown in Fig. 5 in a simplified diagram. The method consists of various steps, which are briefly described below. Specify a bulletin (e.g., commercial road-10 dote) and select the appropriate set of recipients (step 501 in Figure 5). The selection of the recipient population uses some criteria that are reasonable for the announcement, such as the individual's dietary restrictions (language, lactose intolerant, etc.). This information has been collected, for example, at the stage when the person has acquired the membership card or the like, in which case the anonymous identifier can be formed based on e.g. the membership card number. Information may also be collected by collecting and profiling anonymously information about a person's purchasing behavior, that is, information related to purchases, and / or other information. A combination of several methods may also be used to collect the data. Regardless of collection-20, the information is stored under an anonymous identifier in such a way that it is not possible to identify the person concerned. In the next step 502, the message is sent to the selected set of recipients, for example by e-mail, or a link or the like is placed on the company web site through which the selected set of persons are given access to the newsletter (503). The bulletin is also assigned a monitoring time, which »* ·: · created after this time to check how many people in the selected set of recipients have received and read the bulletin. Based on this information, the efficiency of the delivery of the bulletin can be deduced. blanket. In addition, the method monitors the materialisation of the impact of a bulletin 30 into a purchase transaction. stored in a database, which allows the database to be consulted; how many people who have read the bulletin have also purchased the product being reported. On this basis, the efficacy of the bulletin can be deduced and, if necessary, corrective action can be taken on the efficacy of the bulletin; 35 to add 505.

13 116170

For the practical measuring activities described above, it is advantageous that a sufficient database of people, such as customers, is collected based on their purchasing behavior. Purchase transaction information is attached to an anonymous individual, not the entire group. In this case, it is possible to perform profiling in the subject under consideration to form a desired set of well-defined and ultimately limited quantities. The bulletin to be produced shall correlate the profiling to a sufficiently large extent that the effect of random factors can be reduced to a sufficiently low level.

10

The invention enables complete anonymity with great certainty. The identity of the person is unknown. It is not known whether the individual is a community, a family, a family, an individual, a couple or any other entity. As a result, one cannot know the age, gender, occupation or any other demographic or social identifier of an individual 15. The subject subject only has a unique identifier. Anyone who knows the identifier 6 or the anonymous identifier 9 and the password can use the system and act as a subject. No user background information is required to log on to the system. Logging in as such is already the 20 required interaction relationships.

In the solution according to the invention also a more reliable customer -! »·. It is more secure to get feedback, etc., because the feedback can be given anonymously. In this case, the identity of the person giving the feedback is not ;; V 25 revealed, which in some cases gives more and more truthful feedback.

Figure 6 is a diagram further illustrating an example of transmitting a message using an anonymous identifier. In step 601, the identifier is read from 30 cards or a personal (identifier test) identifier is entered, for example, on the keyboard. Based on this, in step 602, an anonymous identifier is calculated, for example, in the collecting device 2, by a computer terminal or the like. If the user wants to send a message to the system, for example: Λ: to the merchant, he can now do so using an anonymous identifier (step: [[[: 35 603)). A message may also be sent from the system to the user based on this anonymous identifier (step 604).

14 116170

The following describes some of the features of the system and the related concepts.

5 Activity-oriented interaction profiling

Activity-oriented interaction profiling means the profiling of person-related features of a user unit (user subject) in the system in an interaction relationship. Thus, the profiling of the user 10 at time t-1 (t minus 1) is known, and from this a qualitative or statistical quantitative classification (factoring, clustering, etc.) is formed. Based on this classification, impact testing can be conducted, informing users of new opportunities in the form of a test setup or a simpler setup. This results in a behavioral change to the time unit to. The change in behavior between t-1 and tO can be measured in profile classes. The influence of information on behavior can be calculated within the confines, which allows us to determine what kind of information produces the kind of change in each profile class.

20 Leverage profiling method

Activity-oriented profiling computation provides information on what in- "··. Formation acts as a lever for action across the population as well as in each category. Analysis can also be refined by calculating leverage in the other way, that is, grouping the power lever effects of different lever The population can be reclassified to different impact categories, i.e. segments, based on cost effects, then the leverage class can be set to the following setup, that is, the population is parsed into leverage classes and tested for leverage as a starting point during the to , behavior at time t1 This can be used to deduce the competence of lever classes as a function parser.

: A: Identity Protection, Information Channeling, and Information Interaction Relationships 15 116170

Activity-oriented profiling leads to the classification of user units on the basis of activity alone, whereby the identification of the user unit can be accomplished by anonymous identifier 9 alone. The anonymous ID, in turn, acts as a communication tool. It can be used as 5 absolute anonymity, whereby anyone who accesses the system under a particular anonymous identifier receives treatment based on profiling that is completely independent of the user's personal information, even if it is in the case of a group, and the system does not require any such information to be recorded. The only information that is required is user-provided feedback channel identification, which may be the real-time absolute anonymous identifier used on the Internet, the mailbox used for mailing, Poste Restante, any email address, the agency's general mailing address, a pseudonym, address, 15 mail pick-up point, SMS number, or some new anonymous forwarding mechanism.

Leveraging the core of ERP 20 Leveraging analysis leads to anonymous interaction where leverage controls activity. Leveraging attachment to identity makes leveraging a way to structure the product! ···. and the modernization of the TV mix, with some users being rigid and committed to their traditions, some demanding to change, some to something else. 25 The method allows an anonymous identifier to be associated with the user: f leverage class. The leverage class can also be substantive in that it includes: ·· ·: something like vegetarianism, meat, fish, health food, etc. This can be refined with some additional conditions, such as diabetes control, geliatry, etc. combined with the leverage class. In doing so, the interaction informs, for example, the vegetarian, the traditional consumer with a coffee offer, or the desire to reform the steak shop about the marinated marble fillet. The idea is to know if an anonymous identifier is being triggered by any interest in an anonymous identifier! la. and what that object is.

35 16 116170

Commitment

The interaction becomes a customer relationship, as the user receives their own qualifying feedback from the system. Likewise, a change in situation 5, such as marriage, divorce, change, etc., occurs indirectly in action, whereby the profile and lever category change. Unnecessary information is quickly eliminated in a few units of time, and the system makes a correction. Feedback cannot be obtained elsewhere. Commitment can add value services that are only available through anonymous 10 tags.

The economics of advertising

Advertising becomes more specific and becomes permanently adaptable. 15 The system controls the flow of information in an economical way. An unnecessary flow of information is interrupted when the feedback is negative over a period of time. The quality and useful information flow is strengthened.

There are also numerous other application areas for the invention other than those described above. For example, voting in the system of the invention can be conducted without compromising voting secrecy. Voters may, for example, be sent a notice of their right to vote in elections. This release may include a unique identifier **. When a person goes to the polling place, his or her identity ;; v 25 is usually checked, after which he or she is allowed to vote. Voting can now be carried out, in accordance with the present invention, by entering a unique identifier into a person either at the actual polling station input device or at a computer terminal or the like. An anonymous identifier is computed on the device and: f''30 is sent to the polling server. Anonymous identifiers are stored on the server, comparing the anonymous identifier computed and transmitted by the device with the stored identifiers to determine whether the person is eligible to vote and whether: V; he may have already voted. If the voting event is approved, 35 that 17,116,170 voting rights for this identifier have already been exercised in this voting event will be stored with that anonymous identifier.

It will be understood that the present invention is not limited to only the above embodiments, but may be modified within the scope of the appended claims.

Claims (8)

A method of conveying return information from a return system (10) to a person's terminal (13) without investigating the person's identifier in connection with the transmission of the return information, in which personal data is collected by a collection device (2), wherein for collection of data: - a personal identifier (6) associated with the person's identifier (5) is read with the collection device (2), 10. on the basis of the information containing the person's identifier (6) an individual, one-way anonymous identifier (9) is formed; - said anonymous identifier (9) is used for converting the aggregated personal data into anonymous data, wherein - said anonymous data and the anonymous identifier (9) are transmitted from the collection device (2) to a processing device (3), anonymous data and the anonymous identifier (9) are characterized, characterized in that in order to convey return information (11) on the basis of said anonymity ma identifier (9) to the person is determined in the return system (10) by a service provider on the basis of the anonymous data an impulse provided with return information as well as information on one or more anonymous identifiers (9) as the anonymous return information * '. tag, wherein - the person enters the personal identifier (6) into the terminal :: v 25 (13), in which the personal identifier (6) forms a unidirectional anonymous identifier (9) to be used as the person's user identification, - said user identification is conveyed to the feedback system (10), - in the feedback system (10) an impulse is provided, which is provided with information about the anonymous identifier (9), which corresponds to said: v. from the terminal (13) conveyed user identification, and - the return information (11) associated with said pulse is transmitted from the return system (10) to the terminal (13) using: V: said data transfer connection. O 35 116170 Method according to claim 1, characterized in that the method is used in connection with a purchase transaction, whereby information is collected about purchases made by the person and about the price information of the purchase, said anonymous identifier is used in the provision of information other than price information (9 ). Method according to claim 1 or 2, characterized in that, on the basis of said anonymous identifier (9), a message (11) is conveyed to at least one person, the effect of the conveyed message (11) being monitored by examining purchase transactions which performed by at least one anonymous identifier, to which said message has been sent. Method according to claim 3, characterized in that the message is linked to the message about at least one sales item, if the receipt of the message is formed a task by which the recipient's anonymous identifier forms, and on the basis of the purchase transactions posted on the the basis of said anonymous identifiers upon receipt of the message is investigated if they include any sales item, which information was associated with the message, the impact of the message being determined by comparing the number of purchases of said sales items according to the inquiry with the number of anonymous identifiers, t '. *: 1 to which the message has been sent. • · • · • · · j ;; / 25 Method according to claim 3 or 4, characterized in that the result of the survey is used to change the message (11): ...: and / or its dissemination practice. 6. A data transmission system (1), comprising: '' - a means (5) for identifying a person, which is provided with: * a personal identifier (6), \, f - a collection device (2) , comprising means (2.5, 2.6, 2.7) for collecting personal data, and means (2.1) for collecting: V: the person's data on the basis of said identifier (5) and identifier (6), a processing device (3) , A data transmission network (4) for communicating the collected data to the processing device (3), a terminal (13), the service provider's return system (10), in which return information is arranged to be stored, means (2). , 2.3) to form an individual, unidirectional anonymous identifier (9) on the basis of the person's identifier (6), means (2) for converting the aggregated personal data into anonymous data on the basis of said anonymous identifier ( 9), and means (4) for conveying and storing anonymous data in bra The appliance (3), characterized in that the system further comprises: - means for defining an impulse in the service provider's return system (10) on the basis of anonymous data, said impulse being arranged to provide information on one or more anonymous identifiers (9) ) as the anonymous recipient of the return information, - in the terminal (13) - feed device for entering a personal identifier, 20. calculator for forming an anonymous search identifier on the base of the input personal identifier (6), the one in the terminal (13) calculated anonymous identifier is arranged to: ···. used as the person's user identification, - transmitters for conveying the Y formed in the terminal * * the user identification to the return system (10),:,.: 'the system further comprising' ··· - search means for searching the anonymous identifier (9) as corresponds to the user identification formed in the terminal (13) among the pulses stored in the feed system (10), and 30. transmitters to convey the return information (11) associated with the requested pulse to the terminal (13). »* * System according to claim, characterized in that the collecting device Y: the device (2) is a cash register with said means (2.5, 2.6, 2.7) for the Y .: collection of personal data and means (2.1) for the collection of 116170 the person's information ρέ the base of said means of identification (5) and identifiers (6). System according to claim 6 or 7, characterized in that it comprises a return system (10) having at least one return information channel (12) for transmitting return information on the basis of the anonymous identifier to the person without using said person-linked data. • I t * · · * • t · I • · • 1 1 •> * »· * · t •» · * t • · • # • t · 1 • · • · I f> • 1