Compliance & Security
We take compliance and security very seriously at highlight.io. We officially have a SOC 2 Type2 report, GDPR compliance and are currently in the process of attaining HIPAA.
If you're evaluating highlight.io at your company and want to request documentation of any of our certifications, request a DPA, or have questions on the security end, please shoot us an email at firstname.lastname@example.org.
Below is a list of our subprocessors:
|Subprocessor||Processing Usage||Country of location|
|Amazon Web Services (AWS)||Data hosting and processing||USA|
|Hubspot||CRM, Marketing Automation||USA|
Avoiding Cookie Consent (disabling localStorage)
If you're using the highlight.io browser client and would like to avoid requesting cookie consent from your users,
you can pass the
storageMode: 'sessionStorage' option to
H.init to make sure that highlight will not persist
any data in
window.localStorage. This will mean that if a user leaves your site and returns later, a new
highlight recording will start regardless of the time since they left,
since we will not persist any metadata in the browser.