Privacy & Data Handling
Moveo One is designed with privacy, transparency, and compliance at its core.
We believe analytics should empower better user experiences, not compromise user trust.
This page explains how Moveo One handles data, what is collected, and how developers can maintain full control over privacy.
Overview
Moveo One operates under a privacy-first design principle:
- Only the minimum required data is collected to generate insights
- All user data is anonymized or pseudonymized at rest
- Developers retain control over what data is sent
- Moveo One complies with GDPR, CCPA, and HIPAA
What Data Moveo One Collects
| Category | Examples | Purpose |
|---|---|---|
| Behavioral events | Clicks, taps, scrolls, screen views, navigation | Understanding flow, engagement, friction |
| Session metadata | Duration | Aggregation and segmentation |
| Predictive signals | Model scores, dwell time, hesitation | Generate real-time UX insights |
| Custom properties (optional) | e.g., plan type, experiment ID | Developer-defined attributes for analysis |
No personal or sensitive data (names, emails, payment info) is required by default.
Developers can choose to anonymize all custom properties through the SDK.
What Moveo One Does Not Collect
- No raw keystrokes
- No screenshots or visual screen capture
- No personal identifiers unless explicitly provided
These restrictions are enforced by SDK design, preventing accidental data leaks.
Data Ownership
- You (the customer) remain the sole owner of your collected data.
- Moveo One acts as a data processor, not a data controller.
- Data is stored and processed only within the selected region (EU or US).
- You can request export or deletion of your data at any time.
Regional Data Hosting
| Region | Default Storage | Availability |
|---|---|---|
| EU | Frankfurt, Germany (GCP) | Default for EU-based orgs |
| US | Iowa, USA (GCP) | Optional for US orgs |
| Private Cloud / On-Prem | Customer-defined | Enterprise plan |
Data Retention
- Predictive model training data: aggregated and anonymized
- On request, user sessions and/or data are permanently erased within 24 hours
SDK Privacy Controls
All SDKs (Web, iOS, Android, Flutter, etc.) are open source and published on GitHub.
Data Export & Deletion
Currently, data deletion is supported by explicit request through an email to privacy@moveo.one
Coming soon: you will be able to delete or export user data at any time via the API or dashboard.
API Examples
# Export user data
curl -X GET "https://api.moveo.one/v1/users/export?userId=user_123" \
  -H "Authorization: Bearer YOUR_TOKEN_HERE"
# Delete user data
curl -X DELETE "https://api.moveo.one/v1/users?userId=user_123" \
  -H "Authorization: Bearer YOUR_TOKEN_HERE"
Example response:
{ "status": "deleted", "userId": "user_123" }
Compliance & Certifications
| Standard | Status | Notes |
|---|---|---|
| GDPR | Compliant | Data hosted in EU regions by default |
| CCPA | Compliant | Supports data deletion and export rights |
| HIPAA | Available | Optional BAA for enterprise deployments |
| SOC 2 Type II | Planned | Target Q3 2026 certification |
Data Encryption
- All data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
- API keys and tokens are hashed and never stored in plaintext
- Predictive model data uses feature-level obfuscation
User Consent
You can integrate Moveo One with your existing consent flow.
Example:
if (userConsented) {
  MoveoOne.enableTracking();
} else {
  MoveoOne.disableTracking();
}
Developer Tips
Recommended
- Anonymize user IDs unless you need cross-session tracking
- Always disclose analytics usage in your product's privacy policy
- Use Moveo's SDK options to disable tracking in sensitive contexts (e.g. payment screens)
Avoid
- Sending PII in event names or property keys
- Using custom properties to encode private data
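The tips above can be enforced in application code before an event is handed to any analytics SDK. The following is an added example, not Moveo One SDK code: the function names, the event shape (`name`, `userId`, `properties`), the key denylist and the sample values are assumptions made for illustration.

```javascript
// Added example: pre-send privacy guard for analytics events (Node.js).
// Not part of the Moveo One SDK; names and event shape are hypothetical.
const { createHmac } = require("node:crypto");

const EMAIL = /[^\s@]+@[^\s@]+\.[^\s@]+/;
const DIGIT_RUN = /\d(?:[ -]?\d){12,18}/g; // 13-19 digits, optional separators
// Constructed denylist of property keys that usually hold personal data.
const PII_KEY = /(e-?mail|phone|(first|last|full).?name|address|ssn|password|card.?(number|no))/i;

// Luhn checksum: true for digit strings shaped like payment card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Flags e-mail addresses and Luhn-valid card-like digit runs in any text.
function looksLikePii(text) {
  const s = String(text);
  if (EMAIL.test(s)) return true;
  return (s.match(DIGIT_RUN) || []).some((m) => luhnValid(m.replace(/\D/g, "")));
}

// Keyed pseudonym: stable per user, not reversible without the app-held key.
function pseudonymize(userId, key) {
  return createHmac("sha256", key).update(String(userId)).digest("hex").slice(0, 32);
}

// Returns { event, dropped }. Throws if the event name itself carries PII.
function sanitizeEvent({ name, userId, properties = {} }, key) {
  if (looksLikePii(name)) throw new Error("PII in event name");
  const clean = {};
  const dropped = [];
  for (const [k, v] of Object.entries(properties)) {
    if (PII_KEY.test(k) || looksLikePii(k) || looksLikePii(v)) dropped.push(k);
    else clean[k] = v;
  }
  return { event: { name, userId: pseudonymize(userId, key), properties: clean }, dropped };
}
```

Keep the HMAC key server-side or in build-time configuration; anyone holding it can recompute a pseudonym from a known user ID. Log the `dropped` list during development to find call sites that pass personal data.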
Contact
For compliance or data protection questions, contact our DPO team: privacy@moveo.one