Security
Got security questions? Here are answers to the most common questions
Does the software collect to store any customer data?
Attributer does collect or store any data on your website visitors, leads or customers.
The main Attributer product is a small bit of Javascript code that you place on your website which stores the attribution data in a cookie and then writes it into hidden fields in your forms. This all happens in the visitor's browser and at no point in time does any data actually hit Attributer servers.
When you sign up for an Attributer account, we do capture and store the following information about you (or the employee of your organization that created the account):
- First Name
- Last Name
- Email Address
- Company Name
In most cases, this is information that could easily be gathered through tools like Apollo or Zoominfo and is generally not considered a security risk.
With regards to payment details, we use Stripe for all credit card handling and billing. Stripe is the defacto payments platform for internet businesses and processes payments for the likes of Amazon, Google, Instacart, Lyft, Peloton and more.
Stripe is PCI-Certified (the highest level of certification in the Payments Industry) and all card numbers are encrypted at rest with AES-256 encryption.
Is your application scanned against security vulnerabilities?
Attributer does not do any penetration testing.
Because we don't store any commercially confidential data about you or your website visitors, we don't believe that penetration testing (which costs several thousands of dollars to do each time) is a high priority for our business.
Do you have any certifications such as ISO 270001, SOC2, etc.
No. Because we don't store any commercially confidential data about you or your website visitors, we see no need to have certifications like this (they take a lot of time and resources to get and we'd rather put that effort into other areas of our business)
How frequently do you release updates?
Regularly.
For example, in 2022 we released a new version of the Attributer product more than once per month.
These releases were a combination of new features, support for more form builders and tools, and iterations of the code to adapt to changes in browser, operating system, and device technology to ensure correct data is being recorded.
How do you test Attributer to ensure the data is accurate?
We maintain 3 environments for Attributer; staging, testing and production.
We develop and do light testing of changes in the development environment before pushing any potential releases to the test environment.
Once in the test environment, we carry out over 1,500 manual and automated tests to ensure the data is accurate before pushing the latest release to production. These tests include testing different combinations of UTM parameters and organic channels across multiple devices, browsers, and operating systems. We also test each of the form tools we support.
Only once all those tests have been passed do we push to production.
On top of this, we also regularly run tests on production to ensure we're the first to know if changes to browsers, operating systems, etc impact the data Attributer provides
I have another question. How can I contact you?
We'd absolutely love to hear from you and answer any questions you have. You can contact us here.
Get Started For Free
It's free to get started with Attributer, and paid plans start at just $49 per month