Security & GDPR

Privacy by Default / by Design. Always Encrypted. Always Secure.

Security & GDPR

Designed and Implemented by the world’s most respected security experts

Top of mind: EU's GDPR. It doesn’t matter what a platform can do for an enterprise in 2018, enterprise CIO’s won’t allow unprotected data. We’ve spent years investing and preparing for GDPR. The result, an advanced analytics platform that can both analyze aggregate data, while still supporting fraud and customer success research.


Compliance while also supporting your business needs

We’re serious about Privacy


Complete Removal

Some of our Enterprise customers have no need to collect PII data. In such cases, Quantum Metric removes all personally identifiable information


Pseudonymization

Pseudonymization is a process where sensitive information is removed at the time of collection from the bulk of the data, a process specifically encouraged by the GDPR. Quantum Metric then encrypts this data with only a key our clients possess.

PII Data Scrubbed


Any information that can be used to re-identify a user such as:

  • Name
  • Email
  • Phone
  • Address
  • Cookies
  • API/XHR Headers, and Data
  • IP Address
  • Order #’s

Simple configuration, automatic analysis. It just works.

Privacy by Design / by Default

In cases of fraud investigation, Quantum Metric uses pseudonymization and military grade protection to ensure PII is safe and protected. When reviewing segments, if a search results in a filtered set of results that is likely to reidentify a user, Quantum Metric will immediately prompt and audit the reason for re-identification.

Additionally, every session replay capture will not decrypt by default. If there’s a need to re-identify and/or decrypt data within a session, Quantum Metric will immediately prompt and audit the reason for re-identification.

Automatic Detection of PII Data

The most well-configured systems may be forgotten when a new release is being pushed out the door. In some cases, remembering to audit if Names and Address and other PII data is being collected can slip by the check list. With EU’s GDPR fines, there’s no option to let PII Data slip by.

Quantum Metric is the first digital experience analytics platform to automatically search for and alert on PII data being captured without removal. Deployed into the QA environment, Quantum can self-alert for updated configuration prior to having a costly GDPR mistake.

We're Serious About Security

Yes, of course we encrypt in transit, and encrypt at rest (including backups). In 2018, everyone does that.

But how do you keep your data secure in today’s cloud environments?

Security Features

Quantum Metric takes securely maintaining your data very seriously. We go above and beyond in order to ensure that you never have to worry about our infrastructure or network security. With QM you can rest easy knowing that your data is safe with us.


secure data storage

Secure Data Storage

For both SaaS and enterprise deployment, all data is immediately encrypted on disk to further ensure your data remains safe and only accessible by you and your staff.

secure data storage

Secure Data Viewing

For both SaaS and enterprise deployment, all viewing of data requires SSL. For SaaS, our certificates are 2048 bit RSA, signed with SHA256. Enterprise deployments require SSL, and their encryption proerties are determined by your enterprise standards.

secure data storage

Secure Data Ownership

Your data is safe with us. Data collected is always encrypted. It is never shared. PII data, including CC #'s, CVV2, and SSN's, are automatically excluded from capture, and additional fields can be excluded. Excluded data is never sent over the wire, keeping sensitive data safe.




Secure Data Center

Quantum Metric Saas runs on the secured Google Compute cloud, a SOC 2 certified data center. Enterprise deployment runs within your data center or your cloud provider.

Forward Secrecy SSL

Quantum Metric is committed to your data security and is fully compliant with forward secrecy, a commitment to keeping your data secure.

Simple configuration, automatic analysis. It just works.