VWO servers are used to transmit and store visitor information from the tests running on your websites. However, by default, VWO identifies and anonymizes any Personally Identifiable Information (PII) or sensitive data of users before storing the data on our servers. For example, passwords, social security numbers, phone numbers, card information, and other details. To learn more about how to anonymize or whitelist your website data in VWO recordings, click here.
For deleted or expired accounts, the data is deleted between 45 and 90 days after the date of expiry. For priority cases, you can write to VWO support requesting immediate deletion of accounts or specific user data. VWO may retain PII only as required and permitted by applicable laws, and for such period as those laws require or permit.
- Location Information – For accounts that use the report segmentation option, the location information helps to filter users based on their geographical location or region. You can customize what level of location information you want to track. To learn about location settings, click here.
- IP Addresses – By default, the last octet of any IP address is anonymized before it is stored on VWO servers. You can select a different anonymization format for storing the IP information. To learn how to change the anonymization option for IP addresses, click here.
- Cookies – The visitor UUID and the cookies that identify the variation accessed and the user journey are pseudonymized using a one-way hashed value.
- Custom Dimensions – As a policy, VWO does not recommend sharing any personal information with VWO. However, in situations where it becomes mandatory to share such data, we recommend hashing it with a salt of at least 8 characters, with SHA256 as the minimum hashing requirement. To learn about using Custom Dimensions in VWO, click here.
- Email Addresses – If you have VWO surveys running where email addresses are collected, VWO encrypts all survey responses by default.
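The Custom Dimensions and IP Addresses items above, as an added example that is not VWO's own code: it hashes a value with a salt of at least 8 characters using SHA256 before it is shared, and masks the last octet of an IPv4 address. The function names, the normalization step, the length-prefixed salt layout and the choice to zero the octet are assumptions of this example; the sample inputs are constructed.

```python
import hashlib
import ipaddress
import unicodedata

MIN_SALT_CHARS = 8  # minimum salt length recommended in the list above


def pseudonymize(value: str, salt: str) -> str:
    """Return the salted SHA-256 hex digest of a normalized value."""
    if len(salt) < MIN_SALT_CHARS:
        raise ValueError("salt must be at least 8 characters")
    # Normalize first so "Alice@Example.com " and "alice@example.com"
    # produce the same pseudonym and still segment together in reports.
    normalized = unicodedata.normalize("NFKC", value).strip().lower()
    if not normalized:
        raise ValueError("refusing to hash an empty value")
    # Length-prefix the salt (layout assumed for this example) so that
    # different (salt, value) pairs cannot yield the same byte string.
    material = f"{len(salt)}:{salt}{normalized}".encode("utf-8")
    return hashlib.sha256(material).hexdigest()


def anonymize_last_octet(ip: str) -> str:
    """Zero the last octet of an IPv4 address (zeroing is an assumption)."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("only IPv4 is handled in this example")
    network = ipaddress.ip_network(f"{addr}/24", strict=False)
    return str(network.network_address)


if __name__ == "__main__":
    # Constructed sample inputs; the salt would come from a server-side secret store.
    salt = "constructed-salt"
    print(pseudonymize("Alice@Example.com ", salt))
    print(anonymize_last_octet("203.0.113.77"))
```

Keep the salt out of client-side code: anyone who holds it can recompute the digest for a guessed email address or phone number and match it against the stored value.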
VWO has established policies and procedures for the disposal of electronic and physical media containing PII, sensitive and confidential information, and to ensure the data security of its servers. We recognize that media containing PII may be accessed and reused if safety precautions are not taken to protect the data.
PII Data Deletion
- Destruction/disposal of PII data and information media is done in accordance with Federal Data Protection laws and regulations and pursuant to VWO’s data retention policy/schedule.
- If any media is being reused, all PII and confidential data shall be rendered inaccessible, cleaned, or scrubbed. All media is formatted to restrict future access.
- VWO's external services and third-party vendors, upon termination of the contract, shall return or destroy/dispose of all PII, sensitive, confidential and any other data. In cases where the return or destruction/disposal is not feasible, the contract limits the use and disclosure of the information to the purposes that prevent its return or destruction/disposal.
- Any media containing PII and confidential data is disposed of in a way that ensures the data cannot be readily recovered or reconstructed.
- The methods of destruction, disposal, and reuse are reassessed periodically, based on current technology, accepted practices, and availability of timely and cost-effective destruction, disposal, and reuse technologies.
- VWO will sanitize all electronic media to ‘clear’ or ‘purge’ PII, sensitive, and confidential information stored in accordance with NIST Special Publication guidelines. If the media cannot be ‘cleared’ or ‘purged’, then it must be ‘destroyed’.
Disposal of Media with PII
- Media containing PII, sensitive and confidential information shall be stored and disposed of in a safe and secure environment.
- Devices containing PII, sensitive and confidential information shall be physically destroyed, and the information should be destroyed, deleted or overwritten using techniques to make the original information non-retrievable.
- All unusable hard disk drives shall be erased securely using a Degausser.
- A record of all media disposed of and the relevant authorisation forms for such disposal shall be maintained for record and audit purposes.