Our secure system architecture
We built the Usersnap feedback platform on the most modern, reliable, fast and secure platform. We are using a multi-tier infrastructure with security gateways protected by firewalls. Services, like data storage and more, can only be accessed by an application that requires access specifically for that service and only by personnel with certain authorization levels. Access information is securely stored outside our codebase and our data.
Our hosting data centers
The Usersnap software and all its services are hosted and managed within the European AWS’ (Amazon Web Services) secure data centers. These centers all come with certain certifications:
- SOC 1 and SOC 2/SSAE16/ISAE 3402
- ISO 27001
We use Amazon's hosting locations EU-west-1 (Ireland) and EU-central-1 (Frankfurt).
All services are only accessible from our Virtual Private Cloud (AWS VPC). We are using the available AWS services to protect data privacy and control access to our entire network. If you are interested in more specific details about these certifications, please have a look at the AWS compliance center.
Latest versions and security patches
We are working continuously to have the latest version of software and security patches installed.
Penetration and vulnerability scans
Our system is regularly audited and tested by a third-party security company who conducts penetration tests to identify any vulnerabilities. We are also using security tools to check for vulnerabilities of our code and watch-guard for potential risks. Each upcoming risk is reported, classified, and promptly fixed and patched.
We are working hard to prevent SQL injections, XSS vulnerabilities, and other common issues.
Redundant services and failover
Our services are built for failover. In case a service fails there are always redundant services to take over the job. This allows us to provide a consistent and reliable service to our customers. Our services are distributed throughout AWS availability zones.
All databases are replicated synchronously to quickly recover from a database failure. As an extra precaution, we take regular snapshots of the database and securely move them to a separate data center. Then we are able to restore them elsewhere as needed, even in the event of a regional data center failure.
Our system, servers, and networks are secured by various firewalls which are regularly checked and updated. We only provide one access path with open ports 80 and 443 for HTTP(S) traffic. All other systems, servers, and networks are protected and limited to our internal network. Only authorized personnel with a profound background check have access to our server infrastructure. The access to our data centers is secured through VPN and 2-factor authentication.
All data storages are not accessible to the outside/internet and are protected within our Virtual Private Network. Access to data stores with customer data is limited to systems that require this access. All data is encrypted while in transport by using enhanced encryption mechanisms like SSL etc.
All our connections are encrypted via Transport Layer Security (TLS) with version v1.2. We are currently working on encrypting all data in rest.
All production environments are separated from testing environments.
Compliant with General Data Protection Regulation (GDPR)
We are fully compliant with the EU General Data Protection Regulation (GDPR) which should help to protect personal data and give individual users more rights and control of their personal data. We are a processor in terms of GDPR. We are storing personal data (Personally Identifiable Information (PII)) in the form of name and email of users, browser information, operating system, screen sizes, URL, location, IP address (only in specific cases) and screenshots of browser content.
We are storing all data in the EU. If we have a sub-processor that is not processing in the EU, we ensure through an EU-US Privacy Shield and a DPA that the sub-processor has an adequate security standard.
For more information and our Data Privacy Agreement, please read our GDPR page.
Process only option and PII-protection
We offer the option of only processing visual feedback when using Usersnap Classic and not storing any of your personal data on our servers. In this case, all visual feedback items that are created, including screenshots, will be transferred to your systems and completely removed (not stored) on our servers.
Additionally, we offer the possibility by using our PII-protection feature to black-out confidential information from your website or web application before a screenshot is taken.
We demonstrate our company’s commitment to privacy. Please read our privacy statement.
Data segregation and data access
All accounts and data of each customer are separated by unique IDs. These can only be accessed by the customers’ team members. Our customer success team will only access a customer's account after a clear request by the customer.
Backups & disaster recovery
All data is backed up daily, secured by encryption, and stored for 30 days.
Deleted data is not removed from backups to allow for the possibility to recover in case of deletion. All previous backup data is removed after 90 days. We are reviewing our backups at least annually and simulate a full backup recovery.
Our system is storing logs to reproduce any faults or track security breaches. No personal data is stored within our logs. Activity logs are kept for 90 days.
Passwords & sessions
We can not retrieve any password as they are stored in an encrypted form. We encourage our customers to use strong passwords to increase their security and protection of their personal data. Every access to our application is secured by a session that is invalidated in case of unauthorized access or after a certain time of inactivity.
Federated Services & Single Sign On (SSO)
Besides the standardized email and password access to our system, Usersnap offers users the possibility to access our system by using Google OAuth. We are working hard to enable further SSO-options in the future.
Two-factor authentication (2-step security) is on our roadmap and we will provide you this type of enhanced security in the future.
Our system is constantly monitoring for unauthorized sign-in attempts on all accounts.
Permissions and roles
Usersnap offers different roles with different permissions within our system. Team owners have all access and managing permissions, while team members can manage all items within a project. Users are allowed to submit feedback and send in messages.
Secure transport via HTTPS
Our system enforces traffic via HTTPS (port 443). Requests to web resources and access to our REST API can only be obtained via SSL.
Our feedback platform uses industry-standard encryption algorithms.
The Usersnap development team uses a modern software development approach to ensure the development of secure, reliable, fast and flexible software.
We are using a revision control system (git, svn). Any changes to our source code base go through a suite of automated tests and are reviewed & approved by authorized persons in a code review. When code changes pass the automated testing system and manual reviews, the changes are deployed to a staging server. In this staging server, Usersnap employees are able to test changes before an eventual push to production servers and our customer base.
We also add a specific security review for particularly sensitive changes and features. Usersnap engineers can pick critical updates and push them immediately to production servers.
In addition to a list where all access control changes are published, we have a suite of automated unit tests that checks whether access control rules are written correctly and enforced as expected. We also work with third-party security professionals to protect your data.
Our team’s work and behavior are guided by various policies regarding security, compliance, and governance. All policies are reviewed at least annually and are approved by the board and management team. All employees are trained to comply with these policies.
Business Continuity Plan
To protect our business from major threats we established a business continuity plan to act providently and accurate in case of an emergency or disaster.
Corporate Security Policies
Access rights are based on an employee’s job function and role. Whenever possible 2FA is used for authentication. All data storages on employee devices that are provided by Usersnap are encrypted.
Our offices are secured by key cards. Our corporate network is only accessible through authentication. We collect logs produced by networking devices such as firewalls, DNS servers, DHCP servers, and routers in a central place. The network logs are retained for the security appliance (firewall), wireless access points, and switches.
In case of a security incident, we have a defined process of how to respond and which activities to initiate. All updates will be published on https://status.usersnap.com
Security is only effective if it is practiced regularly. That’s why our team and employees have to conduct security training outlined in our policies regularly after joining.
For your and our security, we are doing background checks on all employees in accordance with current laws.
All employees and partners have signed a confidentiality agreement protecting your personal data in accordance with EU law regarding GDPR. Every Usersnap employee and partner has to sign a Data Access Policy that binds them to the terms of our data confidentiality policies.
Payment processing & PCI compliance
All credit card payments paid to Usersnap are processed by our payment partner Stripe. Find more information about their security protection and PCI certification on their Security page. We have no access to your credit card information.
Requests regarding security
If you have questions regarding the security of Usersnap, please contact our security team via firstname.lastname@example.org.