SECURITY & COMPLIANCE

Committed to Privacy & Security

We are fully committed to providing features that help you be compliant with GDPR by taking a privacy by design approach. As well as partnering with the best in class security providers to keep all your data safe.

Security

Compliance

Fully compliant with GDPR & CCPA privacy acts

Security

Your data is safe, secure, and always available

Lawful basis and transparency

As part of our compliance to GDPR, we enter into Data Processing Agreements (DPAs) with all our customers. The DPA, a binding agreement signed between the controller and the processor when the latter processes data from the controller, details the standard contractual terms required under the GDPR.

Accountability and Governance

Air360 has appointed a Data Protection Officer to monitor GDPR compliance, assess data protection risks, advise on data protection impact assessments, and cooperate with regulators.

Air360 Privacy Rights

Privacy by default

Air360 automatically disallows the capture of any sensitive or personal data that a user enters in an input field of your web store.

Right to erasure

GDPR requires you to be able to delete a given user and all its related data. Air360 offers a function that will allow you to delete a specific user and related sessions with just a single click.

Restrict specific data acquisition

Air360 enables you to go further by also hiding explicitly parts of your pages from being recorded during session replays.

Right of access & data portability

You can retrieve specific user details simply by going through our application or using our API.

Secure data handling & protection

Limit Access to your data

Air360 follows strict data security regulations to ensure that we secure and limit access to your data.

Air360 Security Measures

Monitoring of our Tracking pixel

Constantly conducted to detect any malicious modification and ensure its delivery, integrity and safety.

State-of-the-art encryption

Used in all Air360 products for data in transit and at rest.

Multi-Factor Authentication (MFA)

Required for all our users to access to Air360 application adding an extra layer of security and keeping your accounts safe.

Third-party security audits

Conducted regularly and before major releases, including penetration tests and vulnerability scans.

Security best practices

Reviewed by third party companies regularly when important updates are performed on our systems.

Customer data processed & stored in the EU

Air360 core systems are hosted on OVHcloud and Amazon Web Services (AWS) servers located in France and Ireland and leverage all the security and compliance provided by OVHcloud/AWS: ISO (9001, 27001, 27017, and 27018), SOC 1, 2, and 3, PCI DSS.

FAQs

Once Air360 pixel is installed on your website when a new visitor lands on it, Air360 will generate a random unique identifier and it will be stored in a cookie. All the data collected by default is considered anonymous data as there is no information that can relate to an identified user (e.g. tracks all pages users visited, all mouse movements, clicks, scrolls.

Air360 tracks a user when they land on your site and that’s when a cookie is retrieved or created. By default, Air360 will track every single interaction your users have on your site. Then the data is processed and available in Air360 application.

We automatically track every single interaction your users may have on your site.

Clicks
Scrolling
Mouse over
Pageview

There is only one exception. We will never record what the user types in any text area of your website or app. This is for a very simple reason: We can never know how this information is.

We also collect information from users’ browsers as:

Browser language
Platform
Device
Operating system
IP address (*)

(*) IP address is only used to retrieve user’s geolocation, but it is not stored in our database.

Air360 tracks users using first-party analytics cookies, with an expiration of no more than six months.

Air360 does not collect any personal or sensitive data by default. The data that we collect by default can become personal data when you connect with our APIs to push user identifiers or user property data.

No, Air360 does not have any impact on the web performance.

Our Air360 pixel is loaded asynchronously with the page content.

Air360 production data is hosted in OVHcloud, France.

Air360 backup data is hosted in Amazon Web Services (AWS) facilities in Dublin, Ireland.

Committed to Privacy & Security

Security

Compliance

Security

Enabled compliance

Lawful basis and transparency

Accountability and Governance

Air360 Privacy Rights

Privacy by default

Right to erasure

Restrict specific data acquisition

Right of access & data portability

Secure data handling & protection

Air360 Security Measures

Monitoring of our Tracking pixel

State-of-the-art encryption

Multi-Factor Authentication (MFA)

Third-party security audits

Security best practices

Customer data processed & stored in the EU

FAQs

How does Air360 work?

How does Air360 track a user?

What data is collected?

What types of cookies are used?

Do we collect personal data?

Does Air360 makes your website or app slower?

Does Air360 sell data?

Where is Air360 data stored? (Data Hosting and Storage)