Data & Cookie Policy
Introduction to Wisepops
Wisepops is an on-site marketing solution that provides website owners with the ability to display targeted campaigns such as popups, notifications, bars etc. These campaigns can be subscriptions to newsletters, promotions, new product announcements and more.
An email pop-up example
Our Commitment
We guarantee that we will never:
Sell or share your email address or other personal information that you provide in a popup form.
Send you emails or contact you for any purpose.
Display third-party ads on the website you visit.
Information We Collect about You as a Visitor
Browsing Information
For internal targeting purposes, we collect certain details about your browsing history on websites where Wisepops has been implemented. This information helps us determine if you match a particular display scenario set by the website owner. The details include:
Your last visit to the website
The campaigns you have interacted with
Any additional information attached to your visit by our customer (e.g., your last purchase date)
This browsing information is stored in a cookie on your computer, which expires after 2 years. It allows us to not repeat the same message to you. The information is not stored on our servers or anywhere else, and it cannot be accessed by other applications or used to track you across different websites. You can configure the cookie expiration delay or delete it by clearing your cookies.
Please Note: On Safari, due to the ITP 2.1 update, our cookies expire after 7 days as Safari clears all third-party data after this period.
Personal Details
Website owners may use Wisepops to collect personal information through popup forms. These details may include your email address, name, phone number, etc. When you submit these details, we also collect your IP address and country to help combat spam.
This information is stored on our servers and can only be accessed by the website owner and Wisepops employees. They are not shared with anyone else, except trusted services like Mailchimp for storing details and sending emails, and only with the website owner's approval. We don't store any other information that would allow us to identify you.
Wisepops Cookies
You can find a list of cookies used by Wisepops on this page. All these cookies are first-party, meaning they are linked to your domain, not Wisepops.
You can change the expiration delay of our persistent cookie and choose to use the browser's local storage instead of cookies.
Removing Your Personal Details
If you wish to have your personal details removed from our servers, please email us at social@wisepops.com. We will delete all the information we have about you within two working days.
Our Data Security Policy
Hosting and Infrastructure
Wisepops' servers are hosted by reputable providers, Amazon Web Services (AWS) and Google Cloud Platform (GCP), in the United States. Both providers adhere to the highest security and data protection standards:
AWS: Ensures data privacy, complies with GDPR, holds ISO 27001 certification, and provides data encryption both at rest and in transit.
GCP: Guarantees data privacy, complies with GDPR, holds ISO 27001 certification, and provides data encryption both at rest and in transit.
For more information about the domains involved when using Wisepops on your website, please refer to our guide on Using Wisepops with a Content Security Policy.
Preventing Unauthorized Access
We have stringent measures in place to prevent unauthorized access to your data:
Only our lead developers have access to production servers.
Secure Shell (SSH), with a private key or gcloud utility, is the exclusive method used to access our servers. FTP is not used, our database does not accept external connections, and we do not use tools like PhpMyAdmin.
Our servers are protected by a firewall.
Physical security measures are applied to our servers.
Additionally, we take the following steps to secure your account:
Wisepops.com access is protected by two Cloudflare technologies: Web Application Firewall (WAF) & IP reputation firewall.
Accounts are safeguarded against brute-force attacks with the Fail2ban solution.
Our application enforces the use of HTTPS.
Preventing Data Loss and Corruption
To prevent data loss and corruption, we:
Backup your data daily and retain it for seven days.
As part of our disaster recovery plan, maintain a backup of all calls to the machines handling popups on our customers’ websites on an AWS private S3 bucket.
Personal Data Storage
We store the personal details you provide us (email, password, name, etc.), which you can view on your account configuration page. For security purposes, we also collect your IP address, login dates, and user agent and store this information for one month via Google Cloud Logging.
We share some of your personal details (email, website, name, and login) with Segment, Mixpanel, and Intercom for internal use only. We remain the sole users and owners of this data.
Data Retention
We retain your data for two years. If your account remains inactive for two years, we permanently delete all your data, including:
Your company & billing information
Your campaigns
The data collected through your campaigns
We define inactivity as a lack of user interaction with our app (app.wisepops.com), and the absence of a recurring payment to maintain an active Wisepops subscription.
If you have any questions or concerns about our data security policy, please don't hesitate to contact us