Data Safety, Privacy & Security

Date: 23rd September 2017
Version number: 1.0

Introduction

Your data is safe with Witness.ly. We take a number of steps to ensure you are the only person who can access your site data. Witness.ly stores no personally identifiable information about your visitors.

Data storage

All data Witness.ly collects is stored electronically in Frankfurt am Main, Germany, Europe. Data is stored on the Linode infrastructure. Datacenter operation is compliant with Germany’s Federal Data Protection Act (a.k.a., Bundesdatenschutzgesetz or BDSG).

The database containing visitor and usage data is only accessible from the application servers and no outside sources are allowed to connect to the database.

Visitor privacy

Witness.ly collects no “Personally Identifying Information” (or “PII”) from your visitors.

Data collection and transmission

Security measures for data collection and transmission adopted by Witness.ly include:

  • access to the information stored within Witness.ly's servers is restricted to a limited number of Witness.ly employees and to users designated on our Customer's accounts and Third Parties who can access the information only in specific and limited circumstances and are bound by confidentiality;

  • Witness.ly's servers are protected by a) firewalls establishing a barrier between Our trusted, secure internal network and the Internet and b) IP restrictions, limiting access to whitelisted IPs;

  • each Client may only access information pertaining to its Client Website that it is tracking and to the specific End Users visiting such Client Website;

  • we use HTTPS for all Our Services, providing secure transfer of data to prevent wiretapping and man-in-the-middle attacks.

Data access and authentication

Access to data is given only to Witness.ly engineers who require such access to perform their job efficiently. The level of access rights depends on what their job requires. Credentials are only valid from specific IPs. SSH key-based authentication is used for server access.

Witness.ly does not make use of clients' data. Witness.ly does not distribute or resell clients' data to third parties.

Data access and backup

Witness.ly uses database backups to keep your data safe in case of system failure. Full data backups are executed and rotated automatically: a daily backup, a 2-7 day old backup, and an 8-14 day old backup.

A failed backup will never rotate out a good one. If a backup fails on the day of a weekly backup, the next oldest backup will be used for that weekly slot.

Witness.ly Architecture & Security

All data transfer from the client's site to our server is via the HTTPS protocol.

SSL protocols

  • TLSv1.1

  • TLSv1.1

  • TLSv1.2

SSL Ciphers

  • ECDHE-ECDSA-CHACHA20-POLY1305-SHA256

  • ECDHE-ECDSA-AES-128-GCM-SHA256

  • ECDHE-ECDSA-AES-128-CBC-SHA

  • ECDHE-ECDSA-AES-128-CBC-SHA256

  • ECDHE-ECDSA-AES-256-GCM-SHA384

  • ECDHE-ECDSA-AES-256-CBC-SHA

  • ECDHE-ECDSA-AES-256-CBC-SHA384

Updating your Privacy Policy for use with Witness.ly

As a company based in the European Union, our operations adhere to the strictest legal privacy requirements.

We recommend you always seek legal advice within your territory. Please review the provisions of our Privacy Policy and ensure your own policy mirrors the same principles we have included at https://witness.ly/privacy.



If you have any questions or concerns at all about our Data security, please feel free to contact us:

Inetis Ltd.
Kidriceva ulica 25
SI-3000 Celje
Slovenia
+386 3 426 00 00