Keeping data secure is paramount to Smartlook. As such we have held ourselves at a standard which not only complies with legal requirements, but also take steps to ensure trust with customers’ data.
Data is encrypted at rest using 256-bit Advanced Encryption Standard (AES-256) algorithm. Smartlook uses SSL/TLS encryption (Secure Sockets Layer / Transport Layer Security) and the latest security standards to protect your data. All incoming and outgoing data from our servers is encrypted. Smartlook is PCI compliant and DSS compliant.
Our infrastructure is primed to deal with any potential data failures. Smartlook chooses to have it’s infrastructure hosted by AWS, which is ISO27001 and S0C2 certified. All data is backed up daily to assure security and ensure that our customers have 24-hour access.
Monitoring of Smartlook systems’ efficacy is routinely monitored to catch performance issues. This often means that our dev team can make adjustments and changes when needed to
solve problems before customers experience them.
Access to Smartlook accounts is authenticated using passwords stored in hashed format using bcrypt. Authentication is required to access any internal resources. All sensitive data is automatically masked and therefore not recorded and access to customer data is limited to employees who require it only for service and maintenance procedures.
In addition to our data security methods, Smartlook empowers our customers to take control of what is recorded. By connecting via our API, full customization of sensitive data masking is possible.
Smartlook gives you many options to customize which data is recorded. Be it data logs, mobile devices, IP addresses or form inputs; Smartlook allows you to decide what is and isn’t necessary. If you have visitors from within or outside of GDPR regulations, you can tailor the settings to your specific requirements.
Legal requirements about personal data collection may vary across countries in the world. It’s best to consult a local lawyer in your country if you are unsure about your legal obligations in this area.
If one of your visitors doesn’t want to be tracked by Smartlook on your website, you can send him link to our opt-out page.
Yes. Tracking behavior and movement of your visitors using Smartlook is legal, just like using Google Analytics or other services for tracking visitors on your website.
From a legal point of view, it’s important if you record personal data of visitors using Smartlook. This is something you can set up in Smartlook. On most websites the only place where visitors might fill in personal data are forms. To ensure Smartlook doesn’t record any personal data, simply disable recording of form inputs in Smartlook settings.