Lipscore handles personal data on our customers behalf and we take this responsibility very seriously. All relevant information regarding Lipscores GDPR compliance should be found here.
Data Protection Officer
Data Protection Officer
Name: Henning Kvammen Frettem
All customers that want to write a review using Lipscore services are required to give their consent for publishing the review. Each individual review has the consent attached to it. If the customer did not give his/her consent for publication the review can only be used internally and not published in any way.
In order to provide our ratings and review services for our clients they are required to send us information about their customers and which services they have used or which products they have bought. Running our widgets on their websites also leaves traffic data exposed to our servers:
Traffic data from customer websites is visible to Lipscore servers, including information like client IP address, browser information, URLs, referrer, etc. Data is logged for 30 days in order to do monitoring and error checking.
Order / purchase transaction data
Lipscore receives order / purchase transaction data from our customers in order to send review invitations and collect ratings and reviews, and to invoice the customers for this service. All order / purchases are disconnected from the customer data permanently (user_id is deleted from the purchase data) 6 months after the review invitations has been sent.
Customer data – no ratings or reviews
Lipscore receives Full names, email addresses and phone numbers for our clients customers. If the customer has not added any ratings or reviews and has not made any new orders / purchases in the last 6 months, the name, email address and phone number is deleted permanently.
Customer data – has given ratings or reviews
Full names, email addresses and phone numbers of customers that has given a rating or written a review will not be deleted
In order to honor customers unsubscriptions we do preserve phone number and email addresses of these customers.
All Lipscore servers are located in the EU, but Lipscore is built on a cloud infrastructure which means that some data might move around various data centers inside the EU.
Please note: Personal Data as such is not transferred to, nor accessible from countries located outside EU/EEA (“Third Countries”). If a review is viewed on a device located outside EU/EEA, the name of the reviewer may be temporarily cached on a Fastly web caching server located outside EU/EEA.
Core application servers / databases
Our core application is hosted on Heroku EU, which is based on Amazon Cloud Infrastructure
Sending review invitation emails
Lipscore review invitations are sent using Mailguns servers in Germany
Widget / API-caching
Lipscore uses Fastly, a very high-performance Varnish frontend cache for optimal data delivery to our customers websites. Average response time is <30ms per request
Make.as / Teletopia.no
Lipscore SMS messages are sent through Teletopias SMS gateway in Norway
Assets storage (review images)
Images that customers upload in their reviews are stored on Amazon AWS. No customer data is uploaded here.
Core application monitoring
Our core pllication is monitored by NewRelic (cpu, memory, etc). No customer data is uploaded here.