Legal

TABLE OF CONTENTS

• Data security standards in CUX
• Privacy Policy
• Terms of Service
• CUX & the GDPR
• CUX & the Consent Security Policy (CSP)
• Privacy Policy Input for your page [Template]

Data security standards in CUX

Data storage

All data is hosted within the EEA. 

CUX's data centers are located in Frankfurt (DE), Warsaw (PL), Roubaix (FR), and Strasbourg (FR). 

Data encryption

Data to and from CUX’s servers is encrypted in transit. 

We are using TLS1.2/1.3 protocol. 

Masking of sensitive data

The exclusion of the indicated sensitive data (such as customer contact details) takes place at the stage of the user’s browser. You can hide sensitive data from our analytical scripts BEFORE sending them to our servers using the CSS class cux-excludeclass.

Client-side script hosting

This option is available for enterprise clients only!

Client-side scripting (embedded scripts) is code that exists inside the client’s HTML page. The main benefits of client-side scripting are:

• Greater control over the way data is collected; full control over the CUX publishing cycle.
• Avoidance of blocking and excluding the analytical script by tools such as AdBlock.
• The user’s actions will result in an immediate response because they don’t require a trip to the server.

Open code

We provide access to the source code of the data-collecting scripts only for enterprise clients!

Privacy Policy

Key Privacy Policy points:

• CUX is a SaaS for analysing and visualizing users behaviours and digital experiences on sites. 
• Behaviour tracking is run by a custom code snippet implemented by each domain. 
• Every single connection is established using SSL encryption.
• CUX is collecting information from the End User browser.
• By implementing various measures we ensure that all the daya is adequately protected against unauthorized access, use, disclosure, and destruction.
• We do not rent or sell any information and data, but sometimes link to other sites that means no endorsement or responsibility on our end.
• CUX will disclose Your personal information if bound to do so by law. 
• You'll be notified by any changes to our Privacy Policy via the email associated with Your account.
• You may always opt out from our services.
• By visiting Our Site, or by signing up via Our Site, You acknowledge that You accept and consent to Our privacy practices.
• The Controller of your personal data is CUX Research Sp. z o. o.
• You provide your data voluntary, but it's necessary for the performance of the Agreement.
• If You have any concerns or questions about privacy, contact as at team@cux.io. 

View CUX Privacy Policy. 

Terms of Service

Key Terms of Service points:

• Terms of Service are a legal agreement between You and cux.io.
• To use CUX you must register for an account and keep your password safe. We cannot be held responsible for any unauthorized access to Your Account.
• You have a non-transferable, non-exclusive, revocable, limited licence to use CUX. 
• CUX is not liable to you or to any third party for any modification, suspension, or discontinuation of our service.
• Your subscription plan depends on your choice, and you can change it or upgrade/downgrade it at any time.
• You can pay us via bank transfer or with credit card.
• If you'll fail to pay for your subscription within the agreed time frame, we will lock your account. 
• We'll notify you about any changes to Terms of Service via e-mail assigned to your account, and/or on our Website or in our App. 
• Our Agreement is governed in accordance with the laws of Poland.
• We do our best to make data secure and accurate, but we make no warranty. 

View CUX Terms of Service. 

CUX & the GDPR

We are 100% GDPR-compliant. 

CUX & the Consent Security Policy (CSP)

To be able to use CUX you need to set 4 unique CSP rules:

• script-src https://dc.cux.io
• connect-src wss://n-{token}.track.cux.io
• connect-src wss://o-{token}.track.cux.io
• frame-ancestors https://app.cux.io

{token} is the unique token of your project. We provide the full CSP configuration information during onboarding (you can copy or send it to the appropriate people in the organization).

Privacy Policy Input for your page [Template]

If you’d like to inform visitors to your site that you use CUX to record them, you need to update your privacy policy or terms of use. To help you with this task, we’ve prepared a snippet of text that you can use as an inspiration.

Please note that in each case, you need to adjust this text to match your service and current legal regulations concerning data privacy. The text provided on this page isn’t a piece of legal advice, and we don’t offer legal consulting. Please consult a lawyer to proceed with the final version for your site.

[English]

We use the cux.io tool provided by CUX Research Sp. z o.o. We do this based on our legitimate interest in creating website usage statistics and analyzing them to optimize our websites.

cux.io records users of our site and allows us to play a video of their actions on our site, as well as to generate the so-called heatmaps. cux.io does not provide us with any information that enables us to identify you. Your data is encrypted at the browser level and is not sent to cux.io servers.

The information we collect with cux.io include:

1. Information about the operating system and web browser you are using,
2. Time spent on our website and its pages,
3. The pages you view on our site,
4. Transitions between individual pages of our website,
5. Source from which you come to our website,
6. Places where you click on our pages.

To use the listed data, we implemented the monitoring cux.io code in the source code of our website. It uses cookies from the cux.io tool. You can disable the cux.io tracking code by disabling cookies on our site.

To learn more about the data processing policy of cux.io verify their privacy policy at https://cux.io/legal/privacy-policy/.

[Polish / Polski]

Korzystamy z narzędzia cux.io dostarczanego przez CUX Research Sp. z o.o, ul Robotnicza 42A, 53-608 Wrocław wpisanej do KRS 0000792391. Działania w tym zakresie realizujemy, opierając się na naszym prawnie uzasadnionym interesie, polegającym na tworzeniu statystyk i ich analizie w celu optymalizacji naszych stron internetowych.

cux.io rejestruje użytkowników naszej strony i umożliwia odtworzenie nagrania wideo z jego ruchu na naszej stronie, jak również wygenerowania tzw. map cieplnych. cux.io nie udostępnia nam żadnych informacji, które pozwalają na Twoją identyfikację, ponieważ Twoje dane są szyfrowane na poziomie przeglądarki i nie są wysyłane do serwerów cux.io.

Informacje, do jakich mamy dostęp w ramach cux.io to, w szczególności:

1. informacje o systemie operacyjnym i przeglądarce internetowej, z której korzystasz,
2. czas spędzony w naszym serwisie oraz na jego podstronach, podstrony, jakie przeglądasz w ramach naszego serwisu,
3. przejścia pomiędzy poszczególnymi podstronami w ramach naszego serwisu,
4. źródło, z którego przechodzisz do naszego serwisu,
5. miejsca, w które klikasz myszką na naszych stronach.

W celu korzystania z powyższych danych zaimplementowaliśmy w kodzie źródłowym naszej strony monitorujący kod cux.io. Wykorzystuje on pliki cookies narzędzia cux.io. Z poziomu naszej strony, z wykorzystaniem mechanizmu służącego do zarządzania plikami cookies, możesz wyłączyć kod śledzący cux.io.

Jeżeli chcesz dowiedzieć się więcej na temat polityki przetwarzania danych przez cux.io, zachęcamy do spojrzenia na politykę prywatności cux.io https://cux.io/legal/privacy-policy/