We are committed to maintaining the highest standards of privacy and data protection. Here is an overview of the data we track and store on our servers.
Learn more about the user identification process here.
Limited data tracking - We only track data necessary to operate Product Fruits and data that you explicitly consent to us tracking. Consent is granted by passing the information to Product Fruits, meaning that when you provide us with user data, you are giving us permission to store and use that data for the specified purposes.
We highly recommended not to insert any sensitive content (e.g., passwords, other users' emails) into Product Fruits content (such as tours, hints, announcements). Additionally, hashing user data whenever possible enhances security by protecting user identities.
We utilize Amazon Web Services (AWS) for our server infrastructure.
All data is stored in an AES-256 encrypted database. Data transmitted to your end-user browser is encrypted via SSL/TLS.
Product Fruits systems and infrastructure are continuously monitored through automated systems and we are able to detect and respond to potential threats in real-time. Regular penetration tests are conducted by third-party security experts to identify and mitigate vulnerabilities. Our infrastructure is also regularly monitored and tested by AWS.
By default, our servers and all data are stored in the EU region. Your account and associated data are automatically managed within this region. Our default server location is in Ireland. We also provide US-based instances upon request.
We are fully compliant with GDPR and have ISO 27701, SOC 2 Type 2 certification. Regular audits are conducted by certification authorities for ISO 27001 and SOC 2 Type 2.
Upon making an account with us, you agree to our Data Processing Addendum.
For further details, you can download our security certifications: