Security
Got security questions? Here are answers to the most common questions
Does the software collect to store any customer data?
Attributer does not collect or store any data on your website visitors, leads or customers.
Attributer is a small bit of Javascript code that you place on your website. When a visitor lands on your site, some logic runs to determine where they came from and categorise them into a series of channels (Paid Search, Organic Search, etc). The Javascript then sets a first-party cookie in the visitor's browser and stores the attribution data in it.
Then, when a form is loaded on your website, the Attributer code looks for form fields with specific names, ID's or default values in the HTML and writes the attribution information into those fields.
Finally, when the visitor submits the form, the attribution information that Attributer wrote into the hidden fields is captured by your form tool.
Everything happens in the visitor's browser and at no point in time does any data actually hit Attributer servers (we don't even have servers capable of receiving and processing the information).
When you sign up for an Attributer account, we do capture and store the following information about you (or the employee of your organization that created the account):
- First Name
- Last Name
- Email Address
- Company Name
In most cases, this is information that could easily be gathered through tools like Apollo or Zoominfo and is generally not considered a security risk.
With regards to payment details, we use Stripe for all credit card handling and billing. Stripe is the defacto payments platform for internet businesses and processes payments for the likes of Amazon, Google, Instacart, Lyft, Peloton and more.
Stripe is PCI-Certified (the highest level of certification in the Payments Industry) and all card numbers are encrypted at rest with AES-256 encryption.
Is your application scanned against security vulnerabilities?
Attributer does not do any penetration testing.
Because we don't store any commercially confidential data about you, your organization or your website visitors, we don't believe that penetration testing (which costs several thousands of dollars to do each time) is a high priority for our business.
Do you have any certifications such as ISO 270001, SOC2, etc.
No. Because we don't store any commercially confidential data about you, your organization or your website visitors, there is really no need to have certifications like this.
How frequently do you release updates?
Regularly.
For example, in 2022 we released a new version of the Attributer product more than once per month.
These releases were a combination of new features, support for more form builders and tools, and iterations of the code to adapt to changes in browsers, operating systems, and device technology to ensure correct data is being recorded.
How do you test Attributer to ensure the data is accurate?
We maintain 3 environments for Attributer; development, testing and production.
We develop and do light testing of changes in the development environment before pushing any potential releases to the test environment.
Once in the test environment, we carry out over 1,500 manual and automated tests to ensure the data is accurate before pushing the latest release to production. These tests include testing different combinations of UTM parameters and organic channels across multiple devices, browsers, and operating systems. We also test each of the form tools we support.
Only once all those tests have been passed do we push to production.
On top of this, we also regularly run tests on production to ensure we're the first to know if changes to browsers, operating systems, etc impact the data Attributer provides
I have another question. How can I contact you?
We'd absolutely love to hear from you and answer any questions you have. You can contact us here.
Get Started For Free
It's free to get started with Attributer, and paid plans start at just $49 per month