Data Safety, Privacy & Security
Date: 23rd September 2017 Version number: 1.0
Your data is save with Witness.ly. We take a number of steps to ensure you are the only person who can access your site data. Witness.ly store no visitors' personal identifiable information.
All data Witness.ly collects is stored electronically in Frankfurt am Main, Germany, Europe. Data is stored on the Linode infrastructure. Datacenter operation is compliant with Germany’s Federal Data Protection Act (a.k.a., Bundesdatenschutzgesetz or BDSG).
The database containing visitor and usage data is only accessible from the application servers and no outside sources are allowed to connect to the database.
Witness.ly collects no “Personally Identifying Information” (or “PII”) from your visitors.
Data collection and transmission
Security measures for data collection and transmission adopted by Witness.ly include:
access to the information stored within Witness.ly's servers is restricted to a limited number of Witness.ly employees and to users designated on our Customer's accounts and Third Parties who can access the information only in specific and limited circumstances and are bound by confidentiality;
Witness.ly's servers are protected by a) firewalls establishing a barrier between Our trusted, secure internal network and the Internet and b) IP restrictions, limiting access to whitelisted IPs;
each Client may only access information pertaining to its Client Website that it is tracking and to the specific End Users visiting such Client Website;
we use HTTPS for for all Our Services providing secure transfer of data to prevent wiretapping and man-in-the-middle attacks.
Data access and authentication
Access to data is given only to Witness.ly engineers who require such access to perform their job efficiently. The level of access rights depends on what their job requires. Credentials are only valid from specific IPs. SSH key-based authentication is used for server access.
Witness.ly does not make use of clients' data. Witness.ly does not distribute or resell clients' data to third parties.
Data access and backup
Witness.ly use Database backup to keep your data safe in case of system failure. Full data backup are executed and rotated automatically: a daily backup, a 2-7 day old backup, and an 8-14 day old backup.
A failed backup will never rotate out a good one. If a backup fails on the day of a weekly backup, the next oldest backup will be used for that weekly slot.
Witness.ly Architecture & Security
All data transfer form client's site to our server is via https protocol.
As a company based in the European Union, our operations adhere to the strictest legal privacy requirements.
If you have any questions or concerns at all about our Data security, please feel free to contact us:
Inetis Ltd. Kidriceva ulica 25 SI-3000 Celje Slovenia +386 3 426 00 00