How secure is Oribi?
Oribi is designed with a high level of security in mind. With Oribi, you can always be assured that any data stored by us remains safe, confidential, and accessible. By ‘safe’ we mean that the data will be protected against any type of loss or corruption, ‘confidential’ means access to the data is granted only to authorized personnel, and by ‘accessible’ we ensure that the data is available to authorized users whenever required.
How Oribi handles data
Oribi allows users to easily track and analyze their website data and provides valuable insights to strengthen your online efforts. The tool collects all clicks and other events coming from a User’s website. Providing the highest level of security for our Users and meeting the requirements of the GDPR and other privacy regulations, we don't save any personal data, not even the Visitors’ IP addresses, by default. Oribi's architecture was designed in a way we can offer aggregative and meaningful data without risking private data of our Users and our Users’ Visitors
What data Oribi captures
When a user signs up to the Oribi Services, we store the data provided through the signup form, such as their email address and their website. For paying Users, we also store personal data, such as payment information. It is each User’s voluntary decision whether to provide us with any such personal data, but refusal to provide any required data may result in us not being able to register the User and enable them to receive our Services.
Users’ Visitors data
By default, Oribi only collects non-identifiable information about our Users’ Visitors. Oribi stores the following information for the Visitors who visit the User’s website:
- Total number of visitors to the website.
- Total number of conversions for a User’s key metrics.
- Events performed during the Visitor’s sessions on the website.
- The channel a visitor came from.
- Platform and browser used.
- The country browsed from.
Where Oribi saves data
Like most SaaS tools, Oribi is hosted on Amazon AWS’ industry-leading, high-security servers in the United States of America, and in other jurisdictions as necessary for the proper delivery of our Services and/or as may be required by law. For further information, please visit Amazon S3, Amazon EC2, and Amazon Relational Database Service (RDS).
Oribi service providers that store or process your Personal Information on Oribi’s behalf are each contractually committed to keep it protected and secured, in accordance with industry standards and regardless of any lesser legal requirements which may apply in their jurisdiction.
How Oribi protects data
Oribi code is stored in a GitHub system. Oribi employs strict role-based security/passwords for access to the code. Commits to production code are strictly reviewed and approval is restricted, after passing Unit Testing and QA in Test and Staging. There is a daily backup of the database data in Amazon Web Service’s (AWS’s) S3 storage service.
Users are always connected to the Oribi web-app via HTTPS using Secure Sockets Layer (SSL), a cryptographic protocol that is designed to protect against eavesdropping, tampering, and message forgery. Users can assign roles and permissions to team members given access to the account or selected domains added to the account to ensure the appropriate level of access to their Oribi account.
Updated August 2nd, 2019.