Data Compliance
Keeping your data safe and available is our highest priority. We provide state of the art data security and give you full control over the user data stored in our system.
Data security certification
SOC 2 is a compliance standard for service organizations, developed by the American Institute of CPAs (AICPA). The standard specifies how organizations should manage customer data. As of June 2024, Refiner has successfully completed the SOC2 Type II audit.
For more information about how we handle your data and a copy of our SOC 2 report, please visit the following two pages:
Data protection frameworks
Refiner is a fully GDPR and CCPA compliant survey solution. We provide multiple mechanism to give you full control over your user data.
You can find more information about data security & compliance at Refiner on the following pages:
Data lifecycle management
When you install our Javascript Web-Client or Mobile SDKs, you are typically identifying your users with a unique identifier. In addition, you might choose to send us additional user traits or track events.
The moment we receive user data from you, we’ll create a record in our database. By default, your user data is kept in your account until you delete the environment or cancel your subscription.
We provide various mechanism allowing you to delete individual user records on demand or delete old user profiles automatically after a certain time of inactivity.
Delete individual user records
At any given moment you can choose to delete individual user profiles or groups of users. You can do this on the User Segments page.
Purge all user data
The Data Settings page lets you purge all user data. This option is helpful if you finished testing and want to clean up your environment.
When purging user data, the following data objects are deleted from your environment:
- User Profiles: All user profiles that were created when identifying users or when an anonymous user responded to a survey for the first time. These profiles include user traits that will be deleted as well.
- Tracked Events: The events that were recorded with the “trackEvent” method of our web-client, through our API or Mobile SDKs.
- Survey Responses: The responses that you collected from your users using the surveys in your environment.
Purging user data will immediately wipe all above mentioned data from our system and the action can’t be undone.
All other data (surveys, traits, segments, dashboards, alerts, …) will persist and you’ll be able to continue using the environment.
Automatically remove old user data
In addition to manually deleting user data, you can also set time-based data retention policies.
You can choose to delete old user user – including their survey responses, traits, and activity records – after a certain time of inactivity.
Two options are available in under SETTINGS > DATA SETTINGS:
- Delete data of users that did respond to at least one survey after a certain time of inactivity
- Delete data of users that did not respond to any survey after a certain time of inactivy
The reference time for “Inactivity” is the moment we last saw the user on our end. Most of the time this means the last time they logged in to your app our navigated through your website.