How the most successful companies build better digital products faster.
How the most successful companies build better digital products faster.
How the most successful companies build better digital products faster.
Keeping customer data private and secure has never been more important. At Quantum Metric, we take this responsibility very seriously. We provide three capture options that occur on your customers’ devices, at the point of capture.
Three capture options: capture, do not capture, encrypt
For most web pages or app views, the data we capture is relatively harmless. For example, data that’s displayed on a product detail page is already public. Or, a text string that a user enters into a search field isn’t sensitive.
However, there are clear situations when sensitive data should not be captured, for example, personally identifiable information (PII) such as social security numbers or PCI DSS data such as credit card numbers. Out of the box, Quantum Metric automatically blocks capture of sensitive data, and you can easily set up additional data that should never be captured. Meaning: Sensitive data is never captured.
There are some situations when sensitive data needs to be captured, for example, a user’s name and address or a purchase order number. However, to protect identifiable data and stay compliant with GDPR and CCPA, we use public / private key pair encryption, and only you own the private key to decrypt sensitive data. This technique, known as pseudonymization, is recommended by GDPR and CCPA.
Once data is captured, it’s sent encrypted via a forward secrecy SSL connection, to the Quantum Metric cloud service, hosted in a secured Google Compute cloud. Our certificates are 2048 bit RSA, signed with SHA256.
Data is stored in the Google Cloud Platform (GCP) region closest to your location. Additionally, Google uses the Advanced Encryption Standard (AES256) algorithm to encrypt data at rest. For detailed information about Google’s security, please visit https://cloud.google.com/security.
Access to data within our platform can be restricted via Single-Sign-On (OpenID and SAML 2.0) to ensure that only specific team members have the ability to view user data. In addition, we provide the ability to audit all attempts to access user data and track reasons for access.
Our Teams functionality provides role-based permissions to simplify user management while ensuring full control over sensitive data and compliance with GDPR, CCPA, etc.
Watch an on-demand demo for a quick look into the platform or request a personalized live demo.
Watch a demo