Data Privacy and Security

High Growth Teams Trust CleverTap with Security, Scale and Compliance

Data Security
GDPR
Compliance
HIPAA BAA Data Retention
Policy
Role Based
Access
2 Factor
Authentication
Restricted IP
Addresses
Localized
AWS Instances
Data
Encryption
Data
Privacy
Workflow
Approval

Enterprise-Grade Security

Over 8,000 customers rely on CleverTap to execute on their mobile engagement strategies everyday. Our security and risk management processes safeguard each customer’s data within their own silo, strictly restricting any movement of data between clients and thereby ensuring there is no inadvertent access to data other than yours.

CleverTap leverages two-factor authentication, inflight data security across devices, formal change management policies and up-to-date security protocols on the dashboard and across all API endpoints to ensure that customer security is not compromised.
Enable Physical and Network Security

Enable Physical and Network Security

We maintain data-centers on AWS that are fully compliant with a range of certifications for industry-specific applications. We do not store any data off-site outside of AWS and do not use any off-site physical storage facilities. We follow best practices to protect the network perimeter, including maintaining redundant DNS servers and a denial-of-service (DoS) prevention and mitigation system. Antivirus and a host-based intrusion detection system (IDS) are used on all production servers. For more information on AWS security best practices, visit: AWS Security

Encrypting Data at Rest and Data in Motion

CleverTap performs encryption at all incoming and outgoing data collection endpoints. The most up-to-date TLS protocols with SHA256 algorithms are used to handle communications between CleverTap and customer applications. The data key used for encryption is itself encrypted using a unique customer master key and stored securely on the disk. The customer management key is stored securely using FIPS 140-2 validated hardware security modules and is never transmitted outside of EU, where our data centers are based.
Encrypting Data at Rest and Data in Motion
Ensuring Strict Access Control

Ensuring strict Access Control

CleverTap takes preventive measures to ensure that its internal systems are accessed by employees on a need-to-know basis based on least-privilege, and via VPN. Additionally, to access the CleverTap dashboard, every CleverTap end-user requires a unique user ID and password, along with two-factor authentication and role-based, thus reducing the risk associated with account compromise. This access model is enforced on each end-user session. CleverTap requires passwords to be at least eight characters in length and must be rotated every 90 days for additional security. CleverTap passwords use PBKDF2 (Password-Based Key Derivation Function 2) with HMAC (hash-based message authentication code) along with a salt value and the SHA-1 algorithm.

User Privacy

CleverTap is committed to protecting customer data at all times. CleverTap has a formal Privacy Policy in place to protect user access at all times. With best-in-class security standards, CleverTap restricts access based on least-privilege while at the same time allowing customers to easily manage their user data. We have also established best practices so our customers can easily access their user content and determine how it is stored and processed through CleverTap’s user permission controls and approval workflows.

Business Continuity and Disaster Recovery

CleverTap’s infrastructure scales automatically for ebbs and flows in traffic. Our proprietary technology is custom-built and allows us to provide high availability and rapid recovery in the event of an issue. We are not reliant on any external launch cycles or product updates to improve performance. Our infrastructure is connected with multiple network carriers to dynamically respond to each request with the best connectivity in order to ensure reliable and continuous availability of critical resources at all times. All data backups are protected by stringent role-based access control restrictions. Data is replicated periodically to provide state-of-the-art fault-tolerance, highly responsive recovery, and scalability at all times.

Compliance

CleverTap is committed to maintaining strong data protection commitments while also ensuring that we provide our customers with the tools required to comply. By maintaining a shared responsibility with AWS, CleverTap is able to maintain fully compliant data centers that allow sensitive data to be stored securely.
General Data Protection Regulation

GDPR – General Data Protection Regulation

CleverTap welcomes the opportunity to deliver better customer experiences in preparing for the General Data Protection Regulation (GDPR). CleverTap is compliant with GDPR and is taking the necessary steps to help our customers manage compliance related features and capabilities. We have added enhancements to our product functionality and updated our documentation to help you better handle the GDPR requirements. Among other things, these updates will support you in offering data privacy to your application’s end users and easily facilitate user requests to exercise individual data subject rights.

Why our customers love us

We Drive Measurable Growth

Helping our customers succeed
View our Customers
  • 4x

    Higher CTR with ab testing

    36%

    Reduction in new user churn

    “I loved CleverTap from the moment I started using it. It’s not just a mobile engagement tool, but a tool that is helping apps continue to grow and achieve their objectives.”
    Natalia Garcia Ocampo
    Marketing & Growth Director, Movii
    See Case Study
  • 71%

    Increase in week 3 retenion rates

    73%

    Improvement in average CTRs with personalization

    “Pairing Carousell’s own AI and machine learning work and with CleverTap’s capabilities in the same domain has helped to enhance the push experience for buyers on the platform.”
    Arun Kumar
    Head of Digital Marketing at Carousell
    See Case Study
  • 12%Engagement

    With event-centric campaigns

    3%CTRs

    Using data-based insights from Pivots

    “CleverTap’s data-driven mobile marketing suite continues to play a crucial role in our growth. Using CleverTap we have been able to run omnichannel campaigns for a diverse set of use cases.”
    Mihir Shah
    VP of Product & Marketing Growth, Disney+ Hotstar
    See Case Study
  • 16%

    More Conversions

    25%

    Increased Campaign CTRs

    “The amalgamation of data science and the ability to extract data faster, real time updates to metrics, and campaign automation capabilities make CleverTap the best in the industry.”
    Manish Dhanwani
    Senior Marketing Manager, SonyLIV
    See Case Study
  • 5x

    Increase in 90-Day Retention Rate

    2x

    Increase in MAUs

    “CleverTap is an easy-to-use and intuitive tool to engage with customers. It has a wide selection of channels, and also detailed analysis tools to help get insights for all your campaigns. We are also very happy and impressed with the support the customer success team provided.”
    Maybelle Cheah
    Customer Analytics Team Lead at Boost
    See Case Study