Inline Manual Menu

Security

Last Modified: May 22, 2018

Introduction

Information security is of paramount importance to Inline Manual, and all of our staff. We respect the trust of our customers and trial users in sharing confidential information. We are constantly developing our security infrastructure and processes to ensure the safeguarding of our customers' sensitive data.

Purpose

Inline Manual processes personal data only for purposes that are objectively justified by Inline Manual’s services to its subscribing customers, or for those on a trial of Inline Manual’s services. All processing is performed in accordance with the privacy rights, expectations and in respect of customer and trialists’ human rights as aligned with the principles and intent of the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Personal Data Directive). Inline Manual processes personal data both as a processor and as a controller, as defined in the Personal Data Directive.

Information Collection and Use

During a customer’s registration on Inline Manual’s sites, Inline Manual collects information such as company name, company, e-mail, location, telephone, IP address, browser and operating system version. This information is used to identify contact persons within the customer’s organisation in Inline Manual’s system, for billing and demonstration scheduling reasons and to be able to contact customers to provide necessary service and information. The information gathered will be used within the Inline Manual Group only.

Staff Practices

At Inline Manual, we treat matters concerning user data with the utmost importance.

Inline Manual implement ongoing, relevant and up-to-date security training with all of our employees. Access to all data is limited only to those necessary, as dictated by the principle of least privilege. We conduct background checks before employment, and all of our staff members are required to read and sign our security and confidentiality policy agreement.

All of our employees are restricted by mandatory company policy to maintain confidentiality concerning user data. Access to data is restricted, limiting availability to only those necessary. In order for staff to access data generated from the daily use of the service requisite employees will only do so after requesting permission from the customer.

Data Handling and Privacy

Inline Manual do not sell, share or otherwise willingly disseminate Personally Identifiable Information sent through People Tracking feature to any third parties. Information gathered in the EU/EEA area will not be transferred outside the EU/EEA area.

Inline Manual Analytics data stored (Note: this feature is optional)

  • IP address
  • Browser headers
  • Timestamp
  • URL location
  • Inline Manual related data
    • Topic start/end
    • Step shown
    • Search keywords
    • Events

Inline Manual Segmentation data stored (Note: this feature is optional)

  • Uid - mandatory
  • Email
  • Username
  • Name
  • Roles
  • Group
  • Plan
  • Created
  • Updated
  • Custom fields/data

It is entirely up to the customer to set the values of the segmentation fields. Customers with higher levels of sensitive user data who want to use segmentation can hash the values before sending them to Inline Manual portal.

User data will be permanently deleted upon request.

Data Encryption

Communications between our service, customers portals and Inline Manual products are all encrypted via SSL/TLS.

PCI Compliance

Inline Manual is fully PCI compliant. Inline Manual ensure the security of respective customer information by using a PCI compliant payment gateway (Stripe). No credit card information is stored on our servers. Read more about the Stripe payment gateway security services here.

Security Incident Management

Inline Manual is committed to informing all customers in the event of any security breach or unauthorized access to user data.

Service Levels (Uptime) and Monitoring

We have observed 99.99% uptime or higher across our services. You can check and subscribe to our stats and incident history from our pingdom page here.

Our in-house engineering team (based in Prague, Czech Republic) monitors and logs errors using world-class tools like Pingdom, NewRelic, Datadog, OpsGenie.

New Releases

Inline Manual employs a staged rollout deployment process when there is a new version of the Inline Manual player. This enables our customers are able to switch to the new release, test it and then deploy it to their users - you can read about it here.

Hosting Infrastructure

Inline Manual servers are hosted by Google Cloud Platform. The Inline Manual service hosting servers are physically located at London, UK (London’s Cloud Region). Google Cloud Platform security can be found here.