Security and Compliance

Enterprise-Grade Security

Over 4,000 customers rely on CleverTap to execute on their mobile engagement strategies everyday. Our security and risk management processes safeguard each customer’s data within their own silo, strictly restricting any movement of data between clients and thereby ensuring there is no inadvertent access to data other than yours.

CleverTap leverages multi-factor authentication, inflight data security across devices, formal change management policies and up-to-date security protocols on the dashboard and across all API endpoints to ensure that customer security is not compromised.

Enable Physical and Network Security

We maintain data-centers on AWS that are fully compliant with a range of certifications for industry-specific applications. We do not store any data off-site outside of AWS and do not use any off-site physical storage facilities.

We follow best practices to protect the network perimeter, including maintaining redundant DNS servers and a denial-of-service (DoS) prevention and mitigation system. Antivirus and a host-based intrusion detection system (IDS) are used on all production servers. For more information on AWS security best practices, visit: AWS Security

Encrypting Data at Rest and Data in Motion

CleverTap performs encryption at all incoming and outgoing data collection endpoints. The most up-to-date TLS protocols with SHA256 algorithms are used to handle communications between CleverTap and customer applications.

The data key used for encryption is itself encrypted using a unique customer master key and stored securely on the disk. The customer management key is stored securely using FIPS 140-2 validated hardware security modules and is never transmitted outside of EU, where our data centers are based.

Ensuring strict Access Control

CleverTap takes preventive measures to ensure that its internal systems are accessed by employees on a need-to-know basis based on least-privilege, and via VPN. Additionally, to access the CleverTap dashboard, every CleverTap end-user requires a unique user ID and password, along with multi-factor authentication and role-based access, thus ensuring multi-tenancy and complete data privacy.

This access model is enforced on each end-user session. CleverTap requires passwords to be at least eight characters in length and must be rotated every 90 days for additional security. CleverTap passwords use PBKDF2 (Password-Based Key Derivation Function 2) with HMAC (hash-based message authentication code) along with a salt value and the SHA-1 algorithm.

User Privacy

CleverTap is committed to protecting customer data at all times. CleverTap has a formal Privacy Policy in place to protect user access at all times. With best-in-class security standards, CleverTap restricts access based on least-privilege while at the same time allowing customers to easily manage their user data. We have also established best practices so our customers can easily access their user content and determine how it is stored and processed through CleverTap’s user permission controls and approval workflows.

Business Continuity and Disaster Recovery

CleverTap’s infrastructure scales automatically for ebbs and flows in traffic. Our proprietary technology is custom-built and allows us to provide high availability and rapid recovery in the event of an issue. We are not reliant on any external launch cycles or product updates to improve performance. Our infrastructure is connected with multiple network carriers to dynamically respond to each request with the best connectivity in order to ensure reliable and continuous availability of critical resources at all times. All data backups are protected by stringent role-based access control restrictions. Data is replicated periodically to provide state-of-the-art fault-tolerance, highly responsive recovery, and scalability at all times.

Compliance

CleverTap is committed to maintaining strong data protection commitments while also ensuring that we provide our customers with the tools required to comply. By maintaining a shared responsibility with AWS, CleverTap is able to maintain fully compliant data centers that allow sensitive data to be stored securely.

GDPR – General Data Protection Regulation

CleverTap welcomes the opportunity to deliver better customer experiences in preparing for the General Data Protection Regulation (GDPR). CleverTap is compliant with GDPR and is taking the necessary steps to help our customers manage compliance related features and capabilities.

We have added enhancements to our product functionality and updated our documentation to help you better handle the GDPR requirements. Among other things, these updates will support you in offering data privacy to your application’s end users and easily facilitate user requests to exercise individual data subject rights.

What Our Customers Have to Say

"Since integrating CleverTap, we’ve increased CTRs by 5% and subscriptions by 10%. Having analytics and engagement on the same platform has been critical to our customer acquisition and retention."

Omkar Shende

AVP Product Management, Sony
"CleverTap has proven to be a very valuable and effective platform for customized user engagement. Not only is it easy to integrate, but easy to use and requires little to no engineering or development effort."

Craig Thayer

VP of Technology, DealsPlus
"CleverTap’s impact is clear: our conversions and traffic have increased over 50% in the last several months. CleverTap is a trusted partner for BookMyShow. Their advanced mobile CRM lets us implement complex yet easy-to-set-up automated campaigns for our users."

Marzdi Kalianiwala

Vice President, BookMyShow
"CleverTap has been a valuable resource in helping us engage users with relevant, non-intrusive messages at the right moments. The whole team provided first-class service, from the initial ramp-up to getting us fully integrated and running automated international campaigns."

Robert Manger

President, Hooked on Phonics
"CleverTap provides us with the best analytics and a deeper understanding of our users. This has enabled us to meet our teachers’ needs and deliver contextually relevant experiences and to increase engagement for their student programs."

Felipe Saint Jean

CTO and Co-Founder, School 4 One
"CleverTap’s superior user engagement and segmentation allows us to connect with users based on their in-app behavior. They provided hands-on support through the migration process and worked with us to create a smart event design that met all our requirements."

Daniel Calabrese

CEO, Streamago
"CleverTap is the perfect platform for any growth hacker. It’s not just about analytics and segments — they work with you on clever campaigns, optimization, and how to use your data better. They have perhaps the best support team for deep dives and issue resolutions."

Himanshu Periwal

Vice President - Growth, Ixigo
"CleverTap's action/inaction campaigns and ability to engage users in real time changed the game for us with increased conversions from abandoned carts. I highly recommend them."

Revant Bhate

Head of Marketing, Faasos
"At FreeCharge, we focus on growing our active user base as well as increasing the conversion funnel at optimized costs. We’ve used CleverTap to interact with our users across different channels — all from a single platform."

Manan Bajoria

Head of Growth Marketing, FreeCharge
"CleverTap’s multi-channel marketing suite enables us to engage with real-time customer insights that help make informed marketing decisions. Having a technology partner who believes in our core value proposition helps us accelerate our efforts rapidly"

Zaheer Adenwala

Co Founder & CTO, Ketto
"Curiosity leverages CleverTap’s message variant and A/B testing capabilities to select the optimal message for user communication based on the observed click-through rates. We have observed a 25% or more uplift in user activity, increased sharing of content and improved user retention."

Michael Russell

CTO, Curiosity
"CleverTap's robust marketing suite helps us with segmenting & targeting our users’ behavior in real time. The way analytics is merged with engagement, helps us craft better campaigns as well as get valuable insights with features such as funnels & increase conversions via repeat purchases."

Ashish Aggarwal

Head of Digital Marketing, 1mg
"At Mobikwik, we use CleverTap's mobile marketing capabilities extensively to engage better with our users. With CleverTap, we can run powerful contextual and personalized campaigns and our retention rates have significantly improved ever since."

Abhinav Chand

Marketing Manager, MobiKwik
"Thanks to Clevertap's ability to handle large volumes of data we have been able to scale our userbase 10x in the last 12 months without worrying about our real-time analytics solution."

Ankush Sachdeva

Co-founder & CEO, ShareChat
"At HealthifyMe we believe in a data-first approach when it comes to engaging our users and CleverTap's robust features help to extend our segmentation to optimize the impact of our engagement campaigns."

Anish Jose

Product Manager, HealthifyMe
"With CleverTap Pivots, we are able to cross-tabulate data across billions of data points in no time. This enables us to gain valuable insights that we can leverage to provide better recommendations around our entire solution suite - from keyword research, ASO promotion, A/B testing, sentiment analysis to much more."

Raphael Maimon

Product Designer / Design Director, Pranker
"We segment our users into various segments - new users, first-time buyers, cart abandoners, inactive users & more with just a few clicks on the CleverTap dashboard. Using this information, we send them relevant & contextual messages via the right channel & at the right time using CleverTap's well-integrated marketing suite."

Vivek Thota

Senior Product Manager, Kraftly

High Growth Teams Trust CleverTap with Security, Scale and Compliance