VWO servers are used to transmit and store visitor information from the tests running on your websites. However, by default, VWO identifies and anonymizes any Personally Identifiable Information (PII) or sensitive data of users before storing the data on its servers. PII includes passwords, social security numbers, phone, card information, and other details. To learn more about how to anonymize or whitelist your website data in VWO recordings, click here.
For deleted or expired accounts, the data is deleted within 45 to 90 days from the date of expiry. For priority cases, you can write to VWO support, requesting immediate deletion of accounts or specific user data. VWO may retain PII only as required and permissible by applicable laws, and for such period by applicable laws.
- Location Information – For accounts that are using the reports segmentation option, the location information helps filter users, based on their geographical location or region. You can customize what level of location information you want to track. To learn about location settings, click here.
- IP Addresses – By default, the last octet of any IP address is anonymized before storing it on VWO servers. You can select different formats of anonymization formats to store the IP information. To learn how to change the anonymization option for an IP address, click here.
- Cookies – Visitor UUID and cookies information is used to identify variation accessed. The visitor journey is pseudonymized by using a one-way hashed value.
- Custom Dimensions – As a policy, VWO does not recommend sharing any personal information with VWO. However, in situations where it becomes mandatory to share such data, we recommend the use of salt with a minimum hashing requirement of SHA256, with at least 8 characters. To learn about using Custom Dimensions in VWO, click here.
- Email Addresses – If you have VWO surveys running where email addresses are collected, VWO encrypts all survey responses by default.
VWO has established policies and procedures for the disposal of electronic and physical media containing PII, sensitive, and confidential information which ensure data security of its servers. We recognize that media containing PII may be accessed and reused if safety precautions are not taken to protect the data.
PII Data Deletion
- Destruction/disposal of PII data and information media is done in accordance with Federal Data Protection laws and regulations and pursuant to VWO’s data retention policy/schedule.
If any media is being reused, all PII and confidential data is rendered inaccessible, cleaned, or scrubbed. All media is formatted to restrict future access.
VWO external services and third-party vendors, upon termination of the contract, return or destroy/dispose of all PII, sensitive, and confidential data. In cases where the return or destruction/disposal is not feasible, the contract limits the use and disclosure of the information to the purposes that prevent its return or destruction/disposal.
Any disposed media containing PII and confidential data is disposed of, making sure that the data cannot be readily recovered or reconstructed.
The methods of destruction, disposal, and reuse are reassessed periodically, based on current technology, accepted practices, and availability of timely and cost-effective destruction, disposal, and reuse technologies.
VWO sanitizes all electronic media to “clear” or “purge” PII, sensitive, and confidential information stored in accordance with NIST Special publication guidelines. If the media cannot be “cleared” or “purged,” then it must be “destroyed.”
Disposal of Media with PII
- Media containing PII, and the sensitive and confidential information is stored and disposed of in a safe and secure environment.
- Devices containing PII, and sensitive and confidential information are physically destroyed, and the information is destroyed,
- deleted, or overwritten by using techniques to make the original information non-retrievable.
- All unusable hard disk drivers shall be erased securely by using a degausser.
- A record of all media disposed of and the relevant authorisation forms for such disposal is maintained for record and audit purposes.