To ensure that customer data is safe and always protected on Trackier servers, we implement stringent security measures and access policies, including data encryption, unauthorized access restriction, and anonymization options:
Pseudonymization: Pseudonymization protects your data by replacing personally identifiable information fields by one or more artificial or pseudonyms. For example, the name “Clyde” can be stored under a pseudonym like “qOerd.” The visitor UUID is stored only after pseudonymization by using a one-way hash.
Anonymization: Anonymization conceals the identity of individuals and data identifiers of any nature that can apply to information such as name, email address, passwords, and others. For example, the last octet of IP addresses stored on the Trackier server is anonymized by default. Also, we allow users to select and apply different anonymization formats.
Application Security: The Trackier development team is trained on OWASP Secure Coding Practices and uses the industry best practices for building secure applications.
Code Repository: Trackier code is stored in a code repository system hosted by our cloud data centre provider, Google Cloud Platform and BitBucket.
Code Reviews: We have strict policies and least access privileges to code on our data centers. All commits, fixes, and updates to production code are strictly reviewed and approved by the Head of Engineering and lead engineers, only after these pass Unit Testing and QA in local and test environments.
Access Privileges: The data stored on production servers is accessible only to the Head of Engineering and lead engineers. No other member of Trackier has access to customer data, unless a specific access permission is granted by the Chief Executive Officer and Head of Engineering for resolving any technical issue or for debugging purposes.
Data Backup: Trackier takes an hourly backup of the database at our cloud data centers.
Encryption: All data reaching Trackier servers from clicks, conversions, or the custom dimension is encrypted by using the industry standard AES-256 encryption algorithm.
Secure Connections: Trackier is connected to the web through HTTP or HTTPS protocols by using Secure Sockets Layer (SSL), a cryptographic protocol designed to protect against eavesdropping, tampering, and message forgery. The Trackier application provides the option to enforce HTTPS-based use.
Application Access Policy
- To ensure appropriate access rights, we adopt the role-based and least access privileges policies while creating accounts, adding users, or giving access rights.
- You can restrict specific IP Addresses from accessing a Trackier account.
- Email alerts and notifications can be configured to send every activity taking places in a customer’s account.
- There are provisions for users to sign out from all of their signed-in sessions.
- Disable or delete users at any time.
- Auto logoff if a user changes the password or if the user profile is disabled or deleted.
- All Trackier employees must undergo mandatory training on data protection and security.
- Trackier is committed to implementing industry best practices and security standards across policies, procedures, technology, and people on an ongoing basis.
- ISO 27001:2013 (ISMS) and BS 10012:2017 (PIMS) standards certified.
Multi-Tenancy: All Trackier customer data is hosted on our cloud data centers and is segregated logically by the Trackier application.
Network Security: Trackier is hosted on secure servers managed by Google Cloud Platform. Any physical access to the Google Cloud Platform data centers is restricted for everyone. Firewalls are configured by using industry best practices, and all unnecessary ports are blocked. Internally, Trackier uses VLAN for private networking, so the data flow is secure from public networks.
Product Security and Privacy: Trackier has introduced different setting configurations to make sure that personal data is anonymized before storing it on Trackier servers. All data passing through Trackier servers is encrypted or hidden to ensure visitor privacy.
Data Breach Response: In the event of a breach in data security, Trackier will promptly notify you within forty-eight hours after the breach is detected. We have incident management policies and procedures to handle any such events or emergencies.
Disaster Recovery: Trackier is hosted on Bare Metal Servers managed by Google Cloud Platform, an SSAE16-certified data center located in Singapore. Configuration data is distributed through a wide network of Content Delivery Network (CDN) and servers hosted at 10 locations in 8 countries. Trackier does not store any customer data locally.
Session Management: Every time a Trackier user signs in to the Trackier account, the system assigns a new session identifier for the user. The session identifier is a 64-byte random generated value to protect the account against brute force attacks. All sessions time out after 7 days, requiring the users to sign in to their account again, and the currently active sessions are set to time out after 4 hours of inactivity. For optimal performance, you can configure to terminate all sessions after 15 minutes of inactivity.