UserExperior genuinely cares about users’ privacy, that’s why we give our clients complete control over what data is sent to UserExperior.
Data Collection: UserExperior used by organizations to improve their app experience. We are not an "ad-tech," or "data enrichment" provider; we store and process only the data our customers send to us, and never sell, transfer, or combine that information with data from other sources. UserExperior collects the data for analytics purposes only.
Sensitive data: UserExperior is built keeping privacy at the heart of our business. UserExperior does not explicitly track any PII or sensitive information of the user. It only stores the data that is being sent to UserExperior. We provide APIs that help organizations control what they want to send to UserExperior. We also provide APIs that can block any sensitive information from being captured by UserExperior.
App Store & Play Store Policies
All apps submitted to the app store and play store are reviewed based on different technical, design, and content aspects. Your app should meet their requirements and you’re responsible to meet their compliance requirements. Read more about Apple requirements here . Read more about Google Play store requirements here.
Disclaimer for user's data and privacy:
THIRD-PARTY SOFTWARE/SERVICE PROVIDERS
We use UserExperior, which is a digital experience monitoring solution. UserExperior may record: Screens visited, Interaction patterns (such as screen actions, gestures: taps, scrolls), Session Details (such as number of sessions, length of the session, API calls happen in the session), Device details (Type, Version, Model, Operating System). We are using the information collected by UserExperior to improve our app.
UserExperior stores and processes this information on our behalf and may contain personally identifiable information although we proactively remove it where possible.
Types of Data
UserExperior collects only the Usage Data (i.e device interaction) by default, as defined by Apple. While it’s possible to send other types of data through our SDK, that’s not by default and can be defined by our customers. If you wish to send any other information please make sure that you select all the data type options accordingly. E.g. if you send a user ID, you should select Identifiers.
iOS 14.5 Updates ‘AppTracking Transparency‘
After the release of iOS 14.5, all apps must use the AppTracking Transparency framework to request tracking permission from their users to access the iOS advertising identifier (IDFA).
Note: UserExperior does not use the IDFA, therefore our SDK does not require an opt-in dialog.
This permission will be requested via opt-in with a dialog similar to the request to send push notifications or location services. See the screenshot below for reference:
Please note that the App Tracking Transparency guidelines only apply when your app uses or collects the IDFA. Since UserExperior does not use the IDFA, the use of our SDK does not require explicit tracking permission.
What is IDFA?
The Identifier for Advertisers (IDFA) is an anonymized unique identifier—a mobile ad ID (MAID)—assigned by Apple to a user's device that allows an installed mobile application to track user behavior across other companies’ apps, websites or offline properties for the purposes of ad targeting, personalization and measurement.
Instead of using the IDFA, UserExperior uses a Vendor Device ID which is a random UUID tied to the app publisher.
Personally Identifiable Information (PII) is any information that can identify and track the individual entity or any other information that is linked to this individual.
According to GDPR, PII is defined as:
“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
Examples of the PII data:
- Email Address
- Phone number
- Home Address
- ID number
- Date of birth
- Credit card number
- Job position
Make sure you identify all the PII data in your app and before sending sessions to UserExperior, mask sensitive views or elements using the masking Sensitive Views API in Android, masking Sensitive Views API in iOS.
UserExperior does not track and store the IP address of the users.
UserExperior takes privacy & security of the data and our assets very seriously and are committed towards privacy & security. We have taken the following steps in implementing our privacy & security policies.
UserExperior periodically conducts security testing of its application & infrastructure through third party service providers to get an outside view of the security of our systems.
Our customer has the choice of what data to record. You can and should exclude any PII of the user.
Exclude Sensitive Views
We provide various client-side API, enabling you to block sensitive views to prevent tracking user information.
UserExperior uses 256-bit AES encryption both at rest and transit and transmits the encrypted data over https call.
UserExperior stores the data in AWS cloud storage.
Compliance & Certifications
UserExperior is GDPR compliant. SOC 2 Type 1 Certified and ISO 27001 certified. Note: Our SOC 2 Type 2 will be completed by November 2022.
UserExperior by default deletes all the data collected after a period of 30days. We do not maintain any archives of your customer data. If your customer requests you to delete all their data collected by UserExperior, you need to send an email to firstname.lastname@example.org and request for deleting the data. We will delete all the data and send a confirmation of the deletion.