Monitoring made
GDPR andprivacy compliant

Hosted in the EU and no PII is being tracked. Even browser details are splitted up into pieces before reaching our servers.

Join Now See Pricing

Intro

Privacy and security
for everyone, by default

When we began to develop RUMvision, guaranteeing privacy and security was one of our top priorities. This page explains how we collect, use, keep, and erase data for all users, not just EU residents.

Located in the Netherlands (EU)

Developed, hosted, and operated in the Netherlands, you need not worry about your data being transferred outside of the Schengen-EU.

DPA Available

We offer a DPA to EU consumers. Our DPA includes GDPR-compliant contractual conditions that represent our data privacy and security commitments.

What we do track

To find out if users are new or if they are actually returning visitors or if they are viewing multiple pages in a row, we do use localStorage and sessionStorage.

  • FYI

    What you should know

    RUMvision gathers information from actual user traffic. RUMvision collects no personally identifiable information (PII) such as IP addresses, names, email addresses, or other metrics that could be used to identify a user.

    We do provide extended tracking, such as tracking by country. However, it's up to you to enable this feature and notify your customers.

  • Privacy by default

    How our snippet works

    We collect data through a snippet that is installed on your website. This snippet only collects data on the pages you've specified as being tracked. Our snippet tracks (anonymously) user experiences using Javascript. For this we do use LocalStorage, so we can keep track if a user is a first time or recurring visitor within a page.

  • Data processors

    What happens with the data?

    All visitor data is exclusively processed with servers in the EU. Because we believe in complete transparency, this is precisely what happens with the data:

    • The data collected by the snippet, is submitted to AWS in Frankfurt. [their privacy­statement is here]
    • Data is fetched and transformed by a Dutch server and saved into Elastic Search [their privacystatment is here]
    • When using our monitoring application, we are fetching this data from Elastic Search via Dutch datacenter BIT
    • RUMvision itself is fully operational from Groningen, Netherlands HQ. Everything, including development and support, is done here.

FAQ security + privacy information

Looking for other questions about or solution, tracking, dashboarding or account and users? See our general FAQ instead. Extra questions, reach out to support!

Account security

  • CSRF tokens make it impossible to replicate any process in this environment. Even if an account holder outside of the RUMvision environment unexpectedly falls for phishing, for example, no unwanted actions can be taken from the outside.

    But if someone physically logs in illegally on behalf of someone else, any risk remains. Two-factor authentication can be turned on for each account to prevent this from happening. We strongly recommend this!

    In addition, the use of third party packages and solutions is limited in the realization of this online environment. We mainly use Bootstrap and JQuery in our website and app solution.

  • Enabling 2FA (two-factor authentication/multi factor authentication) is a security measure that we strongly recommend.

    All time-based 2FA authenticators, such as Google Authenticator, Microsoft Authenticator, and Authy, are supported. Simply sign in to your account, navigate to profile settings, and select "setup 2FA." Scan the QR code with your preferred authenticator and enter the generated token. Your account now has 2FA enabled!

GDPR

  • Aside from the data processors we use for handling the collected data through our snippet, we have a couple of additional processors:

    • Mollie - They are our Payment provider
    • Sendgrid - This is our e-mail delivery provider, we make use of their services to send our automated e-mails (for registration, alerts, etc.)
    • Microsoft/ Office 365/Teams - for webinars and demo's
    • Google - we use Google Analytics for analyzing our website

    To recap, our other data processors are:

    • AWS - Frankfurt
    • Elastic Search

  • When you use our services, we will gladly provide you with a Data Processing Agreement (DPA). Please keep in mind that we do not support custom DPAs; instead, we provide you with one that we use by default. We don't employ a large legal team to make changes because we are a small team with a strong focus on site speed, as we hope you understand.

    Just reach out to info op rumvision punt com and ask for Karlijn!

  • We do! Here you go:

    We utilize RUMvision as an analytical tool on our website to track user experience related to page speed and web performance. This data is collected anonymously through a small snippet of JavaScript code, allowing us to optimize and enhance your browsing experience.

    It's important to note that RUMvision does not collect any personally identifiable information (PII) such as IP addresses, names, email addresses, or other identifying metrics. However, it may collect information such as device memory, browser, internet speed, and data indicating whether a user is a first-time or returning visitor, or clicking through our site. This data is collected through LocalStorage and SessionStorage in your browser and is not shared or combined with other parties.

    As a tool located in the Netherlands (EU), RUMvision is fully GDPR compliant, and we take your data and privacy seriously. We ensure that your information is protected and that your privacy is always respected.