Data to and from Hotjar's servers is encrypted in transit.

Our Data Safety, Privacy & Security article explains the exact details of the setup in more depth.

All of our production infrastructure is built with redundancies in place, in highly-available configurations spread over three different availability zones in the eu -west-1 AWS region.

Infrastructure is kept as code using Terraform, and other infrastructure-as-code tools with changes going through a process very similar to the application-level software development process. We make use of separate infrastructure for development, staging and live environments, with no sharing of data between environments.

Passwords are stored in a hashed format using PBKDF2-SHA512.

VPN access requiring 2-factor authentication is required to access any internal resources.

Access to customer data is limited to authorized employees who require it for or operational and maintenance activities.

Access to sensitive production data is limited to just the devops team.

We do extensive monitoring of infrastructure and application performance, which usually allows us to detect issues before many customers experience them.

Automated alerts are set up with an on-call schedule with escalations. In case an issue isn't acknowledged within 10 minutes, it's escalated to all other members of the devops team.

We perform annual application-level penetration tests via an independent third party.

Our aim is to fix any discovered critical issues within 2 business days, and high-severity issues within 30 business days.

Medium-severity and lower-severity issues are handled as part of ongoing security work.

Hotjar implements a protocol for handling security events and other operational issues which includes escalation procedures, rapid mitigation, and post-mortems.

You can visit our status page to get updates on any potential issues, and even subscribe to automatic updates.