VWO is committed to ensure protection of data subject rights by law or GDPR with specific guidelines on how to respect and fulfil user rights and privacy. This article explains how VWO servers receive and process user information associated with a customer website and the privacy policies to secure their visitor data.
All customer data on VWO servers is stored safely by using the AES 256-bit encryption, with stringent access control policies. VWO does not access customer data, and all information collected by the customer is subject to their privacy policies.
Through a strategically distributed CDN servers across 10 locations across America, Europe, and Asia-Pacific regions, VWO implements a highly scalable and fault-tolerant system. Our services are hosted on IBM Softlayer systems with EU-US Privacy Shield Certification that require stringent security and access control policies.
VWO stores customer information until the VWO account is active, and all data for expired accounts are deleted within 45 to 90 days after the date of expiry. For accounts which expired before the GDPR date (May 25, 2018), we are in the process of deleting the records. To delete data for a specific account, you can email us at firstname.lastname@example.org.