Data Safety

Data Safety

Your site and visitor data are safe with Content Ignite. There are a number of steps we take to ensure you are the only person who can access your site data and that your visitors’ privacy is respected.

Data storage

All data Content Ignite collects is stored electronically inside the EU. The database containing visitor and usage data is only accessible from the application servers and no outside sources are allowed to connect to the database. Our log data retention times are no longer than 5 days.

Visitor privacy

• Site visitors are assigned a unique user identifier, UUID, so that Content Ignite can keep track of returning visitors without relying on any personal information, such as the IP address.

Data collection and transmission

• Firewalls are in place exposing only the necessary ports through the internet and between different servers. 
• Content Ignite transmits data from the visitor’s browser to our systems using HTTPS if the site which is using Content Ignite uses HTTPS.
• The protocols and ciphers suite used to encrypt data in transfer is available at the end of this article.

HTTPS / HTTP

If the site running Content Ignite uses HTTP and not HTTPS, the data transmitted to our servers will not always be encrypted. We always suggest using HTTPS when using Content Ignite so the data transferred is always encrypted.

Data access and authentication

Only Content Ignite engineers which require such access to perform their job efficiently are given access. Different engineers are given different access rights on different system components as well depending on what their job requires. Engineers who do have access, have their own credentials and these are only valid when used from specific IPs. SSH Key-Based authentication is used for server access. 

Compliance, certifications and audit reports:

Our hosting provider has achieved ISO-27001 Certification in addition to completing a SOC1 third-party audit and are actively involved in the EU-U.S. Privacy Shield Framework alongside many others.

Further information can be found here https://cloud.google.com/security/compliance

Content Ignite Architecture & Security

Data in transfer is encrypted using the following secure protocols and ciphers:

SSL Protocols
TLSv1.2
TLSv1.3

SSL Ciphers
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

Full report can be found here: https://www.ssllabs.com/ssltest/analyze.html?d=api.tagdeliver.com&latest