Data collected by Pushwoosh
Learn what data Pushwoosh collects and how it stores the collected data.
Last updated
Learn what data Pushwoosh collects and how it stores the collected data.
Last updated
To send push notifications, in-apps, emails, etc. correctly and enable the whole set of its features, Pushwoosh requires device and user data. Segmentation based on user data is also necessary to enhance various metrics and achieve business goals. That is why Pushwoosh securely accesses this data with client control.
It's important to note that Pushwoosh can only access the data for which a particular customer has given permission. When integrating Pushwoosh SDK into an application, users can choose to allow or forbid the SDK to collect specific information about the app users' devices.
In addition, certain types of data (such as precise geolocation data) are only accessible with an individual user’s explicit permission. This ensures transparency and prevents unauthorized third-party data collection.
There are three types of data Pushwoosh collects:
Device data collected by Pushwoosh SDK
User data gathered and shared by the customer
Data on triggered Events
Device data is generated by a user's device and is anonymized, preventing identification of individual users. This data is then transmitted to Pushwoosh servers for further processing, in accordance with the needs of Pushwoosh customers. Pushwoosh needs this data to correctly send push notifications and enable certain features.
While device data is collected by default, app developers can manually prohibit the collection of specific data types during SDK integration. Learn more
See the full list of device data collected below.
| Data type | Description | Comment |
|---|---|---|
Note: GeoIP is used for geotargeting but is not collected on Pushwoosh's side.
User data can include things like user demographics, preferences, etc.
Pushwoosh clients have full control over what user data is shared with Pushwoosh. Pushwoosh accesses user data only if the app developer collects it and chooses to share it, for example, using the setTags method.
User data enables greater personalization in marketing communications. For example, you can segment users by age group or preferences to tailor your messaging more effectively.
This data includes various actions users perform in the app. Developers use the postEvent method in the Pushwoosh SDK to report these events and their attributes.
Pushwoosh uses this data to create dynamic content for push notifications, enhancing personalization and relevance, which boosts user engagement and conversions. For example, you can mention the level a game player has achieved, the exact product a customer has added to the cart, or an in-app achievement a user has unlocked.
Pushwoosh does not collect sensitive or personally identifiable information (PII) such as email addresses, phone numbers, names, credit card details, or financial information unless provided directly by the Pushwoosh client, at the client's responsibility.
Pushwoosh does not share, distribute, market, or advertise to third parties or communicate with end-users directly.
Pushwoosh does not collect cookies, International Mobile Equipment Identity number (IMEI), or Media Access Control (MAC) addresses since they are not required for Pushwoosh functionalities.
You can prohibit the storage of your data after your contract with Pushwoosh ends. We can delete the data immediately on the contract expiration date or agree on a specific period after which the data will be deleted.
Pushwoosh services are hosted in Nuremberg, Germany. Data is stored in our data center located there, with secondary backup locations in Frankfurt, Germany.
When using Pushwoosh, you can be assured that your data is handled in compliance with GDPR and other relevant regulations. Pushwoosh is committed to maintaining high standards of security and data privacy through various compliance measures.
Yes, Pushwoosh is compliant with various data protection regulations and ensures secure data processing. We only access the data required to create relevant messaging campaigns, and you have full control over what data is shared with us. For any concerns about data safety and security, you can always contact our support team.
| Metric | Storage period | Comment |
|---|---|---|
| Compliance standard | Compliant | Details |
|---|---|---|
Geolocation information
City and country based on the latest IP address a device was online from.
Pushwoosh uses GeoIP to determine a user's city and country and then stores this data in the database. This does not reveal the user's precise location and does not require the user's permission.
Precise location data
Collected if location tracking is implemented and allowed by the user (Geofencing).
iOS IDFV
Identifier for the vendor, used as device HWID for routing pushes between iOS apps of the same vendor.
Pushwoosh collects IDFV to distinguish devices in its database. This allows recognizing applications installed on one device and creating app groups with Pushwoosh’s (legacy) Application Groups feature. It allows you to send one push notification to several applications with one click, and those users who have two or more apps installed will receive only one message.
Device model
The specific model of the device.
Device language
The system language of the device.
OS version
The operating system version.
Application version
The version of the app installed on the device.
Device time zone
The time zone set on the device.
iOS Bundle Identifier and Android Package Name
Used to check for correct push notification setup.
Platform
Collected for the device platform recognition.
Other data
Any additional data points collected by the SDK on behalf of the customer.
Device data
As long as the device has a valid push token
Inactive device data
90 days (if no app opening event occurs within this period)
Devices that have been inactive (app not opened) for more than 90 days will be automatically removed from the system, regardless of token validity. This ensures up-to-date device data for a smoother experience.
User data
As long as the device has a valid push token
Events
history
1 year
You can extend the events storage period upon agreement. For this, please contact our support team.
ISO 27001 Certified Data Centers
Yes
Pushwoosh's data centers meet the ISO 27001 security standard for infrastructure, operation, and customer support.
GDPR Compliant
Yes
Pushwoosh adheres to the European General Data Protection Regulation (GDPR) to ensure user data privacy.
OWASP Standards
Yes
Pushwoosh follows best practices outlined by the Open Web Application Security Project (OWASP) to design secure software.