VWO is committed to ensuring the protection of Data subject rights by law or GDPR with specific guidelines on how to respect and fulfil user rights and privacy. This article explains how VWO servers receive and process user information of customer website and the privacy policies to secure their visitor data.
All customer data on VWO servers are stored safely using AES 256-bit encryption, with stringent access control policies. VWO does not access customer data and all information collected by the customer shall be subject to their own privacy policies.
Through a strategically distributed Content Delivery Network (CDN) servers across 10 locations across America, Europe, and Asia-Pacific regions, VWO implements a highly scalable and fault-tolerant system. Our services are hosted on IBM Softlayer systems having EU-US Privacy Shield Certification requiring stringent security and access control policies.
VWO stores customer information until the VWO account is active and all data for expired accounts are deleted between 45 to 90 days, after the date of expiry. For accounts which expired before the GDPR date (25th May 2018), we are in the process of deleting the records. You can email us at firstname.lastname@example.org to delete data for a specific account.