Data Security & GDPR

Which type of data does Oribi track?

We only track fully anonymous data by default.
Oribi processes non-identifiable data for your site visitors. Any information is fully anonymous and isn't connected to an individual. By default, we do not save any personal data, such as email addresses or exact locations of your visitors.

Where is my data stored?

We process and store all data in world-renowned data centers on the Amazon Web Services infrastructure in the United States, which use state-of-the-art multilayer access, alerting, and auditing measures.
Our database servers run inside an Amazon Virtual Private Cloud, which is only accessible from the application servers and no outside sources are allowed to connect to the database.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a new set of rules to protect EU-based, personal data of prospects and customers.
On May 25, 2018, a new regulation called the General Data Protection Regulation (GDPR) came into force, intended to strengthen and unify data protection for all individuals within the EU.
This means there are new rules to follow when it comes to collecting, tracking, or handling the personal data of EU-based prospects and customers.

Is Oribi GDPR compliant?

Yes. We make sure you can use Oribi with full confidence.
The General Data Protection Regulation is a new set of rules that gives EU citizens more control over their personal data, which is any information that could be used to identify an individual (such as your name, your email address, or your exact location).
We value your privacy and the privacy of your website visitors, and we make sure that you can continue serving your EU customers worry-free.
Oribi collects only fully anonymous data.
We do not save any personal data, such as email addresses or exact locations of your visitors, by default. Visitors in the Visitor Journeys are displayed with an automatically assigned number, so no information can be connected to a specific individual.
In addition to that, you can also exclude specific IP addresses. In this case, Oribi will not track any action of this visitor at all.
We make sure that you can use Oribi with full confidence and continue watching for any updates in the GDPR requirements.
If you have any questions, contact us.

How does GDPR impact Oribi’s users?

Both Oribi and its users will need to comply with the requirements of the GDPR if processing data of EU residents.
The GDPR regulates the “processing” of personal data of any EU resident. “Processing” includes the collection, storage, transfer, or use of personal data, i.e. data that can identify an individual, such as an email address or a name.
This means that any company that processes the personal data of any data subject, regardless of where the company is based, is subject to the rules of the GDPR. Both Oribi as the data processor and Oribi’s user as the data controller will need to comply with the requirements of the GDPR.

Does Oribi collect data?

Oribi processes the data of our users.
GDPR separates between the “data processor” (here: Oribi) and the “data controller” (here: Oribi’s user).
The data controller collects data from the data subjects (i.e., the visitors of our users) and says how and why personal data is processed. The data processor receives the data from the data controller and acts upon instruction from the data controller. The data that is sent to Oribi is anonymous by default.
If you decide to use Oribi’s email integration feature, different requirements may apply for you as the data controller. For more information, please visit the Regulation (EU) 2016/679.

How can I access/delete personal data processed by Oribi?

You can request at any time an export or deletion of your or your visitors' personal data that has been processed by Oribi.
To do so, please write your request to