Reactful takes the privacy and security of our customer data very seriously, so we take the following steps:
Encrypt all data in transit using TLS
Perform regular security audits
Rely on Google Cloud Services to ensure that our infrastructure is scalable and kept up to date with security patches
Monitor an incoming security email address (email@example.com) for urgent notices and security threats so that we can respond to them within 24 hours.
Frequently Asked Questions:
Do you run independent security audits?
Yes, we run periodic internal security checks.
Do you run certified audits?
Not at the moment.
Where is your source code hosted?
How long is data stored?
Indefinitely in Google Cloud Services, but it's not stored or accessible anywhere else.
For enterprise customers we can set custom data retention policies.
What personal information is being stored?
Unless Lead Capture reactions are used, no personal information about site visitors is stored.
We store session information (random session ID, session create time, reactions triggered, goals completed, etc.) and segmentation information (device, referrer, country, etc.).
And, since we use Google App Engine, a request log is saved by default for each request sent to the servers (see list of saved fields)