Skip to main content
Skip table of contents

Privacy & Security

Security is a core design principle of our technology. When no data is stored, no data can be lost. The whole Surfly session has been designed to act as infrastructure, information is only passing through but never stored.

  • We don’t store any session data. All session data only lives within memory during the time of the session, we do not store it on disk.

  • Surfly uses secure HTTPS connections

  • We use strong SHA-256 SSL encryption for data in transit, the same kind of encryption your bank uses.

  • Surfly is PCI compliant. We never store your credit card, as this is all handled by Chargebee.

  • We are fully GDPR compliant & ISO27001 certified

And it doesn’t stop there… Surfly co-browsing comes with built-in features that you can enable to make your sessions more secure. For instance, you can restrict your users to only be able to co-browse your website, or you can disable the option that allows your agents to take control over the navigation. 

Moreover, our API comes with built-in functions that enable you to secure your website even more during a co-browsing session. With “field masking” you can mask form fields from your agents, and with “control dependent appearance” you can change the look of the web page or create restrictions according to who is in control over the session. Finally, with our “audit log” functionality you are able to trace back all steps that your users have taken during co-browsing.

Read more about GDPR compliance here >>

Read more about PCI compliance here >>

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.