Enterprise Level Hosting
One of the most secure and elaborate hosting providers is used.
Two Factor Authentication (2FA)
If you want, you can use 2FA. This way your accesses are even better protected.
We’re not the only ones testing our platform. We are happy about every bug found.
ABlyft is designed to deliver your tests cleanly. Built for optimal performance.
Programmed by people who know how to do it. Also a comprehensive documentation is provided.
From experts for experts. If you are unsure about anything – we are happy to help!
Privacy by Design
It seems surprising – but we don’t store IP addresses or user IDs in the platform. We don’t need them there. The whole platform follows the rules “Privacy by Design” and “Privacy by Default”.
No IP addresses
At no time is the IP address of the website visitor used or stored. Nor will there be a lookup.
No User IDs
The user ID is only stored in the browser of the website visitor – not in the platform. Greetings to the GDPR.
Adhere User Settings
If you want, settings like “Do not Track” of the user will be respected. Adjust the cookie lifetime as you need it.
ABlyft does not process any personal data (e.g. no IP, not even shortened, no user ID or cookie ID).
The data is only stored in the cookie of the user, but not in the platform.
ABlyft encapsulates data so that it can be processed separately from the data of others. The data is not merged with other data. It is only used for the clear purpose of testing within your own account and not for any other purpose.
ABlyft is hosted by AWS (Amazon Web Services) in Germany. All data is stored in the high-performance data center in Frankfurt.
- The Platform itself
- All Databases
- The JS-Snippet
- All other
ABlyft itself is not SOC compliant. However, Amazon Web Services is fully certified as the operator of the data center.
The following stages are affected:
- AWS SOC 1 (Formerly SSAE 16/ISAE 3402)
- AWS SOC 2 – Security & Availability
- AWS SOC 3 – Security & Availability
If you are interested you can request further information.
ABlyft follows the principles and standards of the PCI Standards Council for the storage and processing of credit card data, but does not itself process this data.
As payment provider we use Stripe.
Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a “PCI Level 1 Service Provider”. This is the most stringent level of certification available in the payments industry.
We have not yet worked towards achieving these certifications. However, we assure you that we have done our best in our efforts to ensure usability and safety.
If you have any questions, please do not hesitate to contact us!
As of November 2016, AWS was the first Cloud Service Provider in Germany to receive C5 at the infrastructure level. With the C5 report, AWS lays the foundation for documenting C5 compliance as an Infrastructure as a Service (IaaS) provider.
CSA STAR LEVEL 1: CSA STAR Self-Assessment
AWS participates in the voluntary CSA Security, Trust & Assurance Registry (STAR) Self-Assessment to document our compliance with CSA-published best practices.
CSA STAR LEVEL 2: CSA STAR Attestation and Certification
AWS aligns with the CSA STAR Attestation and Certification based on the determinations in our third-party audits for System and Organization Controls (SOC) 2 Reports and ISO 27001
CSA STAR LEVEL 3: Continuous Monitoring
AWS provides customers with the tools they need to meet continuous monitoring requirements. CSA is still defining the Level 3 Continuous Monitoring requirements, so there is no available certification to determine alignment.