Candu is deployed over AWS, and high throughput data processing code is hosted using AWS Lambda to ensure the highest availability and scalability levels.
Candu uses CDNs hosted by S3 and Cloudflare to publish content to the frontend. CDNs allow us to maximize upload speeds so that Candu content loads along with the other components in your application.
The Candu SDK is installed within your application to provide dynamic segmentation and user analytics and to render the UI. Our SDK is engineered to handle multiple failure points. You can read more about the SDK API here.
and style guide
Match your brand’s fonts, colors, and more.
Control who does what with separation of privileges.
Facilitate collaboration between teams with a single account.
Seamless integrations mean Candu fits right into your product stack.
Powerful analytics show you what’s working and what needs improvement.
We follow industry-standard end-to-end encryption methods and use best-in-class vendors for cloud and application security.
We take your privacy seriously!
For details on how we protect your personal information, view our Privacy Statement.
Responsive technical support and guaranteed SLAs keep you up and running.
With data protection and privacy built into everything we do, Candu is fully GDPR-compliant. We meet stringent international security standards, and we undertake comprehensive audits of our policies, networks, and systems to keep your information secure.
Candu does not require any personally identifiable information (PII) to be passed to the service, nor do we actively collect any PII from our customers.
In accordance with GDPR practices, Candu will delete all of your customer data and will provide an export of customer data in JSON format within 30 days of receiving a written request.
Candu is SOC 2-compliant and received certification in July 2021.
Every aspect of the Candu application is encrypted. Our servers enforce HTTPS protocol by using TSL 1.2. Internally, our servers communicate exclusively using HTTPS.
Our data is stored entirely on Amazon Web Services (AWS) using the Advanced Encryption Standard (AES). Any server-side secret is stored and accessed via AWS Key Management Service. We rotate sensitive keys and expire critical keys.
All backups are encrypted and stored using AES-256 in secure cloud locations within the EU.
No. Candu does not require any personally identifiable information (PII) to be passed to the service, nor do we actively collect any PII from our customers.
Candu also gives you fine control of all the analytics that you send to our servers. You can use your eventing libraries to customize exactly which information we receive, so you can be confident we are only tracking information that you want to share.
At Candu, we take our SLA and partner operations extremely seriously. We strive to maintain a 99.9% SLA in all of our APIs and frontend assets.
SLA monitoring is done through third-party integration monitoring. We currently ping 10+ APIs for uptime, as well as other critical aspects of our infrastructure that we use to provide these services.
All the tests are performed from seven different locations around the world (Canada Central, Ohio, Oregon, Sydney, Tokyo, Frankfurt, London) to ensure we maintain availability within and throughout different regions.
All critical integration tests are performed each minute.
If any alerts were to fail, our team would be notified immediately, as outlined in our escalation policy.
Improving page performance is critical to any product, and we measure ourselves by the same standard as internal libraries used by any development team. The Candu SDK is designed to minimize the performance impact of installing it on any page, and we are continually working to increase its performance.
More questions? Contact our Security team.Contact Now