Data Security

Momently is committed to keeping your privacy and data secure. Momently employs a variety of technical and organizational security measures and dedicates significant effort towards maintaining data security.

Confidentiality

Momently protects the confidentiality of customer data in several ways:

Our Momently terms of service, which all customers must adhere to, prohibit sending personally identifiable information (PII) to Momently. PII includes any data that can be used to reasonably identify an individual, including (but not limited to) names, email addresses, or billing information.

Momently data may not be shared without customer consent, except under certain limited circumstances, such as when required by law.

Momently security and engineering team take measures to guard against external threats to data. Internal access to data (e.g., by employees) is regulated and subject to access controls.

IP Addresses

Momently does not store IP addresses.

Third-party vendors

Momently requires that all of our third party vendors abide by our confidentiality and security measures, and obey similar restrictions.

Encryption

Data ingress: Momently supports encryption via HTTPS for all data being sent to Momently systems, and strongly encourages all customers to only send data via HTTPS.

Data egress: All Momently APIs supports sending data via HTTPS. Momently dashboards only support HTTPS.

Encryption at rest: Where feasible, sensitive data is stored under encryption. Passwords and other highly sensitive information are hashed and salted.

Physical protection

All Momently servers are hosted on Amazon Web Services, which in turn employs industry standard protections.

Access

Permissioning: We restrict access to all Momently servers to only those employees with a need to access. All servers employ role-based permissioning.

GDPR Compliance

The GDPR strengthens individual rights and harmonizes data protection laws across Europe. It regulates the "processing" of personal data — defined very broadly — of any EU resident, regardless of where the processing takes place.

Please note: This section is not a legal document and is not meant to provide all legal terms related to our provision of services to you. For legal terms, please see the relevant agreement between you and Momently.

Does Momently Analytics track personal data?

Momently Analytics — our first-party analytics product — is the part of our platform that processes website visitor data, and is referred to as a "Data Processor" under GDPR. In acting as such, it obtains user internet protocol (IP) addresses and certain other online identifiers which constitute "Personal Data" under the GDPR's broad definition.

Momently Analytics does not collect or store any identifying information about your website visitors such as names, email addresses, or any similar information. The product is designed to provide full functionality without needing any such information. We also do not collect or store any sensitive or special categories of personal data as a matter of data security and privacy.

What are IP addresses and why does Momently Analytics obtain them?

Momently Analytics code transmits information to our servers when visitors browse a website. This transmission of data between browser and server involves IP addresses, as all internet communication does. After receipt of the data, we use the IP address to identify the city and country in which a visitor is based. We then delete the IP address from our system. We do not use IP addresses in any other part of our system.

Does Momently Analytics set cookies?

Momently Analytics does not set third-party cookies and does not take any steps to identify specific visitors. We do not do browser fingerprinting or collect device IDs.

There are two types of cookies: first-party cookies and third-party cookies. A first-party cookie is set by the website owner — the domain name that appears in the browser address bar — and is specific to that particular website. A third-party cookie is set by a domain other than the one in the browser address bar, and may be used to track visitors between domains.

Momently Analytics was designed with privacy in mind and is a first-party analytics platform. Publishers who use our service can set first-party cookies on their sites using Momently Analytics code. However, Momently Analytics does not, under any circumstances, set third-party cookies on our publisher's sites.

Have GDPR changes affected the Terms of Service?

Momently's Terms of Service document has been amended with GDPR requirements. Customers governed by our Terms of Service will be automatically served by our Data Processing Addendum (DPA). We have also updated our Privacy Notice and several other documents.