This article covers the following:
Overview
Wingify servers are used to transmit and store visitor information generated by tests running on your websites. However, by default, Wingify does not require the storage of any personal data to function. Wingify does not capture or record data entered into input fields such as text boxes, email fields, password fields, search boxes, or form inputs. This automatic masking ensures that any sensitive information entered by visitors is never recorded or stored. To learn more about how to anonymize or whitelist your website data in Wingify recordings, refer to How to secure your visitors’ data in Wingify.
For deleted or expired accounts, the data is deleted within 45 to 90 days from the date of expiry. For priority cases, you can write to Wingify Support, requesting immediate deletion of accounts or specific visitor data. Wingify may retain PII and account data only as required and permissible by applicable laws, and for such period by applicable laws.
Visitor-Level Data Collected and Stored by Wingify
The table below outlines the visitor-level data that Wingify collects and stores on its servers to enable experimentation, targeting, and reporting.
| Sr. No. | Field Name | Definition | Sample |
|---|---|---|---|
| 1 | IP address (anonymized) | Wingify applies IP de-identification by masking a portion of each visitor’s IP address by default. This masking prevents the identification of an individual. By default, the last octet of the IP address is removed. This behavior is configurable by customers, up to complete removal of IP storage, ensuring compliance with privacy-by-design principles. | 10.16.72.0 10.16.0.0 10.0.0.0 0.0.0.0 |
| 2 | Cookie UUID | A randomly generated Universally Unique Identifier (UUID) is created and stored in the visitor’s browser. This UUID is stored in Wingify, contains no fingerprinting or personal data, and is used only as a pseudonymized reference to distinguish browser sessions. | 4201E4DB-4C25-BA4DDD31-C137C7 18D30E |
| 3 | Country | Country-level geographic information derived from the visitor’s location and used for targeting and experimentation. Customers can configure it to store just country/country & region/country, region & city data, or completely turn it off. | USA |
| 4 | State | State or region-level geographic information used for testing and targeting. Customers can configure it to store just country/country & region/country, region & city data, or completely turn it off. | California |
| 5 | City | City-level geographic information derived from the visitor’s location and used for experimentation. Customers can control whether city-level data is stored or disable it altogether. | San Francisco |
| 6 | Device Type | The type of device used by the visitor to access the website. This information is commonly used for segmentation and testing. | Mobile/tablet/desktop |
| 7 | Device Operating System | The operating system of the visitor’s device, captured to support analysis, targeting, and experimentation. | Microsoft Windows |
| 8 | Browser Type | The web browser used by the visitor to access the website, used for segmentation and testing purposes. | Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Edge, Opera, etc. |
| 9 | Referring URL | The URL from which the visitor arrived at the website. This helps identify traffic sources, including organic and paid campaigns. Query parameters in the URL can indicate paid campaign attribution. | Organic search: www.abc.com Inorganic search: www.abc.com/anfjmdbfsdhf/avf dkv jbivkahdvdrger12332/1231feqw (The bold part of the sample URL indicates a query parameter, which helps you understand from which paid campaign your visitor visited your website.) |
| 10 | Visitor Type | Indicates whether a visitor is accessing the website for the first time or has visited previously. | Visitor Category as either: 1. New Visitor 2. Returning Visitor |
| 11 | Screen Resolution | The pixel dimensions of the visitor’s screen, represented as width × height. This information helps understand how visitors view the website across different devices. | 1536x864 |
| 12 | Conversion | In A/B testing, a conversion is a specific, desired action a user takes on a website or app. This parameter indicates whether a visitor completed a predefined goal or desired action, such as a purchase or form submission. When a visitor performs an action that fulfills your set goal, it means a conversion has occurred. | Yes/ No |
| 13 | Conversion Time | The timestamp at which a conversion event occurred. This helps analyze converted traffic, conversion patterns, and time-based performance of tests. It also provides granular information on when conversions were high and/or low. | 2024-12-05 04:57:38 | 2024-12-05 04:57:39 |
| 14 | User Language | The language preference detected from the visitor’s browser or system settings. | en-us |
| 15 | URL | The webpage URL that the visitor accessed. This information is used to track page-level activity and behavior. | http://bdbd.zyx.com/analyse.html |
| 16 | Email address and Phone number | When using Wingify Pulse surveys, customers may optionally choose to collect email addresses and/or phone numbers. The inclusion of these fields is entirely at the customer’s discretion. Where enabled, such data is protected using field-level encryption. Wingify does not require the collection of this information, and customers retain full control over their survey configurations. | abc@xyz.com +1-XXXXXXXXXX |
| 17 | Custom Dimension | Using Custom Dimensions, you can categorize and differentiate visitors on your website. Wingify never recommends collecting any personal data using a customer dimension. | For example, if you are a SaaS company, you may want to categorize users based on their subscription plans. Or, a travel agency that recently ran promotional offers may want to view conversion by age-group. This can be done using Report Segmentation. |
- Location Information – For accounts that are using the reports segmentation option, the location information helps filter visitors, based on their geographical location or region. You can customize what level of location information you want to track. To learn about location information, refer to Location Settings in Wingify.
- IP Addresses – By default, the last octet of any IPv4 address or the last 5 segments of any IPv6 address are anonymised before being stored on Wingify servers. You can choose from different anonymisation formats to store the IP information. To learn how to change the anonymisation settings for IP addresses, refer to the IP Address Settings in Wingify.
- Cookies – Visitor UUID and cookies information are used to identify variation accessed. The visitor journey is pseudonymized by using a one-way hashed value.
- Custom Dimensions – As a policy, Wingify does not recommend sharing any personal information with Wingify. However, in situations where it becomes mandatory to share such data, we recommend the use of salt with a minimum hashing requirement of SHA256, with at least 8 characters. To learn about Custom Dimensions, refer to Working with Custom Dimensions in Wingify.
- Email Addresses – If you have Wingify surveys running where email addresses are collected, Wingify encrypts all survey responses by default.
Data Deletion & Disposal Policy
Wingify follows a standard data deletion process under which all user/visitor data is securely deleted within 45–90 days after contract expiry, termination, or completion of services. Data deletion is performed through automated and secure scripts, ensuring consistency and minimizing manual intervention. These processes are aligned with ISO 27001 Information Security Management System (ISMS) controls and NIST-aligned secure data destruction practices, and apply across production systems and backups as per defined retention cycles.
Certain Wingify features and products may have different data retention timelines based on their functionality and customer plan. For example, session recordings for Wingify Insights (Enterprise plans) are automatically deleted 90 days after data collection. Such variations are designed to balance product functionality, performance, and privacy requirements.
For detailed, product-specific and plan-specific data retention timelines, please refer to the Wingify Data Retention Policy.
Need more help?
For more information, or further assistance, contact Wingify Support.