As an extension of your product, we believe that performance and security must be central to everything we do. As product people, we wouldn’t want to add anything to our product that erodes these core tenets. This is why we have continuously focused on ensuring that our solution doesn’t impact the integrity of your data, your users, or your application.
Pendo’s application and data are hosted and stored in Google’s Cloud Platform where they share the same infrastructure as Google’s primary services. Data for each customer is using separate Google AppEngine namespaces to ensure that no data is co-mingled.
All data hosted by Pendo is encrypted. If the application is accessed via SSL, data is also transferred encrypted via SSL.
The only identifying information that Pendo requires is a unique user ID for your end users. All other information is optional (but will provide for richer analysis and segmentation). Pendo does not collect any user-entered form field text in your application.
2-factor authentication is available via Google Authenticator.
Pendo is PCI compliant and conducts a 3rd-party security audit every year. In addition, Google AppEngine is SOC 2, SOC 3, ISO 27001, FISMA, and PCI compliant.
Pendo is designed to minimize the impact on your application. The client-side agent is only about 50 Kb and loads asynchronously. Data transmissions are queued and sent to the server every 2 minutes. Data is compressed before sending so that each transmission is less than 2 Kb.
Guides load with the Pendo agent. They will not be displayed until the current page is finished loading. The typical response time for guides is sub-second with 99% of guides delivered in less than half a second.
Download our engineering guide for best practices on deploying, configuring, and managing Pendo within your application for maximum performance and security.Download Now