How Qwilr Protects Your Account and Pages
Everything you need to know about how we keep your data secure.
At Qwilr, we prioritize the security of your account and your Qwilr Pages. Our team is dedicated to implementing robust security measures to safeguard your data and ensure your content remains protected. In this article, we'll share detailed information about the various security practices and features we employ to keep your account and pages secure.
In this article
URL Link Secrets
The URLs for your pages are protected by something called 'Link Secrets'. A URL Link Secret is a unique, unguessable link generated for your Qwilr Page that provides an additional layer of security. Only people with access to this specific link can view the page, ensuring that your content remains private and is not easily discoverable by others. These random hashes are the same security technology that Dropbox, Google and others use to ensure private access to URL-accessible material.
For technical details: the secrets are created by generating a RFC4122-compliant UUID (Universally Unique Identifier) and base64 encoding it.
Search engines cannot crawl these secret link URLs. There are robots.txt instructions preventing it, and there are no links on the public web pointing to these secret URLs.
Basically, your Pages are secret unless you explicitly share the URL somewhere. They can't be stumbled upon by someone.
If you post links on public websites, there may be a chance that search engines may crawl and index their content. You can also explicitly set your Pages to be indexable by search engines.
Data storage
Qwilr’s servers are hosted in secure data centers operated by Amazon Web Services (AWS), which are known for their industry-leading security measures. These data centers are equipped with advanced physical and digital protections, ensuring that your data is stored in a highly secure environment. Our production database runs on Mongo DB Atlas with the data encrypted at rest and continuously backed up. See the Mongo DB Atlas security whitepaper here.
Billing security
Qwilr prioritizes the privacy and security of your payment information. When you subscribe to our services, your payment details are processed through Stripe, a renowned payment processor known for its stringent security standards. Stripe utilizes a secure, SSL-encrypted, PCI-compliant system to handle transactions, ensuring that your sensitive data is protected throughout the payment process. This means that Qwilr never has access to your payment information, providing you with peace of mind regarding the confidentiality of your financial details.
Analytics
If you're on a Business or Enterprise subscription, you'll have access to Advanced Analytics. With that you'll have a far more nuanced view of how your Qwilr Page is being viewed. You can see how many times it's viewed and the general locations of where it's being viewed. On our Enterprise plan, you even limit page views to specific domains.
If one of your pages is ever viewed too many times, or viewed during times that you think are unusual, you can disable the link quickly and easily. You can then create a new version of the page and re-share it as needed.
Additional security features
You can also add security to your documents like password protection or views limits. You can read about that here.
If you have specific questions about how Qwilr keeps your data safe, reach out to [email protected]. Please note - if your security questions are complex, we may need to loop in other departments which may cause longer wait than normal. But don't worry - you'll get an answer as soon as we can!