Privacy & Security
AudioEye takes seriously the security of each of our clients and has a duty to protect every visitor requiring assistance via the Reader embedded within our Clients' websites. For this reason we never store any Personally Identifiable Information (PII) on our platform.
When the AudioEye tools are installed on a secure domain, AudioEye simply provides an audio overlay to the real-time information present on the site. All text transmitted to AudioEye for speech conversion is done via a secure Verisign TLS/SSL channel. To ensure the highest standard of security, no audio is cached for secure sites.
When dealing with secure forms, AudioEye is simply generating one-time use audio files that describe the behavior of the forms. The form submission is securely processed through the Publisher’s original secure infrastructure, and all data is communicated securely between the client and the Publisher’s server(s) as would be the case if the AudioEye product was never installed.
In order to provide the text-to-speech conversion of data input into a form, a secure Verisign TLS/SSL channel is established between the Client system and the AudioEye cloud-based speech engine. Text data is transmitted securely to the speech generator, immediately converted into an audio stream, and delivered back to the client system via the same encrypted channel.
Raw form input data sent to the AudioEye platform for speech conversion never contains a reference to the original form being populated.
- No secure text is ever stored on the AudioEye Ally Platform
- No form input data is ever stored on the AudioEye Ally Platform
- No Personally Identifiable Information (PII) will ever be stored on the AudioEye Ally Platform
AudioEye will gladly discuss any client-specific security concerns. Contact us today to setup a meeting with our security professionals to address any questions you might have regarding privacy and security.
Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide feature benefits.
AudioEye utilizes "cookies" within the Product to ensure your experience is consistent and personalized. Examples of data stored include whether or not you have been exposed to first-time walkthroughs, the last state of each tool you interacted with, and any user preferences you may have set. A cookie is a text file that is stored on your device. Cookies store bits of information that we use to help make our products work. They can't execute any code and don’t contain viruses. No one can read our cookies except us.
Types of Cookies We Use:
- Security: These cookies allow us to secure access to your account
- Preference: These cookies are used to store your preferences like zoom level and which modules are enabled
- Analytics: We track Product usage patterns so we can identify popular features as well as potential issues
The Help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.
AudioEye Product Usage
Certain AudioEye modules, including Voice, require you to provide Speech Data in order to use and experience the benefits of the particular module. These AudioEye modules collect and process the Speech Data you input. AudioEye or third parties acting under the direction of AudioEye, pursuant to confidentiality agreements, use the Speech Data to develop, tune, enhance, and improve AudioEye services and products. AudioEye will not use the contents of any Speech Data provided to us through your use of the AudioEye Product for any purpose except as set forth above. "Speech Data" means the audio files, associated text and transcriptions and log files provided by you hereunder or generated in connection with AudioEye Products. Speech Data may include Personal Information.
Sessions are set to have Max Lifetime of 20 minutes. Time is calculated as a period of inactivity, with the validity timer resetting with each request.
Login and Authentication
All users and administrators of the Developer Portal are assigned a unique user account and authorization level.
All users authenticate to AudioEye with an email and password of at least eight characters. AudioEye leverages Verisign security services, using 2048 bit encryption for secure data transmission.
In an effort to prevent brute-force attacks, AudioEye will restrict access and require administrative support after multiple failed login attempts.
AudioEye provides a two-factor authentication process for users who may have forgotten their password.
Currently AudioEye collects device type, geographic location, and various application usage metrics. AudioEye leverages Google Analytics to collect user interaction and behavior within the Reader experience, but this information is completely generic and is not personally identifiable in any way. This information is used only by AudioEye in our continued effort to improve the Reader user experience. We may collect additional information at clients request.
Based on clients needs, AudioEye may process PI, PII, or PHI,. We utilize Verisign security services, using 2048 bit encryption for secure data transmission.
AudioEye has internal SOP’s that detail the protections needed whenever processing or transmitting of PI, PII, or PHI.
Any data collected by AudioEye is used only for the purposes of the client application.
Based on clients needs, in rare opportunities, we may be required store PI, PII, or PHI. AudioEye segregates and encrypts any data that we store that could potentially be classified as PI, PII, or PHI. Access to production servers is limited to as few individuals as possible within the organization, currently only two. System developers NEVER have access to any system containing production data. We outsource our data center services to AWS, a SOC-1 certified industry leader.
AudioEye has internal SOP’s that detail the protections needed whenever processing, storing, or transmitting of PI, PII, or PHI.
Without an approved client override, AudioEye software prevents the caching of any client data that is transmitted to a client system over a secure (SSL/TLS) connection.
AudioEye maintains a data inventory. The number of collection and storage points is small, and we maintain a running log of these locations. PI, PII, or PHI is only stored on our servers. We use AWS for data center services. They are SOC-1 certified.
Data is stored only as long as needed, and is purged at clients request.
AudioEye encrypts data in storage.
Based on clients needs, AudioEye may transmit PI, PII, or PHI. We utilize Verisign security services, using 2048 bit encryption.