Your site and visitor data are safe with Pretty Social Media. There are a number of steps we take to ensure you are the only person who can access your site data and that your visitors’ privacy is respected.
All data Pretty Social Media collects is stored electronically in NYC, USA. The database containing visitor and usage data is only accessible from the application servers and no outside sources are allowed to connect to the database. Our data retention times are no longer than 30 days.
- Site visitors are assigned a unique user identifier, UUID, so that Pretty Social Media can keep track of returning visitors without relying on any personal information, such as the IP address.
- IP addresses of visitors are always suppressed before being stored. We set the last octet of IPv4 addresses, all connections to Pretty Social Media are made via IPv4, to 0 to ensure the full IP address is never written to disk. For example, if a visitor’s IP address is 18.104.22.168, it will be stored as 22.214.171.124. The first three octets of the IP address are only used to determine the geographic location of the visitor.
Data collection and transmission
- Firewalls are in place exposing only the necessary ports through the internet and between different servers.
- Pretty Social Media transmits data from the visitor’s browser to our systems using HTTPS if the site which is using Pretty Social Media uses HTTPS.
- The protocols and ciphers suite used to encrypt data in transfer is available at the end of this article.
HTTPS / HTTP
If the site running Pretty Social Media uses HTTP and not HTTPS, the data transmitted to our servers will not always be encrypted. We always suggest using HTTPS when using Pretty Social Media so the data transferred is always encrypted.
Data access and authentication
Only Pretty Social Media engineers which require such access to perform their job efficiently are given access. Different engineers are given different access rights on different system components as well depending on what their job requires. Engineers who do have access, have their own credentials and these are only valid when used from specific IPs. SSH Key-Based authentication is used for server access.
Compliance, certifications and audit reports:
Our hosting provider is currently working towards ISO-27001 Certification. Having already completed a SOC2 third-party audit and are actively involved in the EU-U.S. Privacy Shield Framework.
Further information can be found here https://www.digitalocean.com/security/compliance/
Pretty Social Media Architecture & Security
Data in transfer is encrypted using the following protocols and ciphers:
Full report can be found here: https://www.ssllabs.com/ssltest/analyze.html?d=connectignite.com&latest