At SolarWinds, we routinely work with our clients to collect feedback about how our solutions are working and where they can be improved, whether through our thriving THWACK community, specific UX research initiatives, industry events, or the many conversations we have with our customers through our calls.
While this feedback is immensely helpful, because of the scale of our user base, we want to make sure we get data on how our customers are using our products to validate and improve these products for everyone. To achieve this, we’re making an investment in a product analytics tool called Pendo and will be adopting it across many of our products over the coming months. Pendo is an industry-leading and secure tool designed to collect user interaction data, whic will help us analyze usage patterns and gain insights to feed our product development efforts.
We realize you may have some questions about this change, so we wanted to create this blog to answer some common questions. Feel free to comment if you have further questions.
For our customers who have opted out of data collection, Pendo will not collect any information, run in your environment, or make any connections back to Pendo servers.
For our customers who have opted into sending usage data to improve our application, Pendo will collect user interactions with the application itself. These are click, focus, and load events.
- Click events are wherever you click with your mouse inside the SolarWinds product
- Focus events trigger when you put your cursor in an element like form inputs or search boxes
- Load events trigger when a page is loaded
When the data for these events are sent to Pendo, they include details about what the element was, their parent or sibling elements, some metadata added by the application to identify a user and an account specifically, and other data that may help improve product usage. Your browser type and IP address are also collected to identify aspects of your environment.
For user data collection, our application sends a hashed unique identifier to Pendo. This is not your email address or any other personally identifiable information (PII). For individual accounts, we send a hashed identifier to Pendo as well. While these are hashed, SolarWinds would be able to connect Pendo data to email addresses, but our analysis doesn’t require email addresses. Our data needs to be able to distinguish between users to make the data reliable.
Pendo does not collect any events outside those mentioned above and does not collect inputs provided by the user. For example, if there is a form to be filled and submitted within the product, Pendo does not collect the form contents, but only events like clicking a submit button or focusing on the form element to type. Not collecting this information allows us to avoid accidentally gathering personal or sensitive data.
Pendo is also restricted to a user interaction with the app and does not view, access, or collect customer data.
SolarWinds adds a script to our application's front end, which loads a Pendo agent that collects data within the parameters defined in our settings. This data is encrypted and sent to secure servers and stays encrypted at rest.
We don’t expect there to be any performance issues. Pendo is a scalable solution that is in use by large companies. It can intelligently schedule its data transfer to not interfere with product usage.
No. We don’t collect private information like email addresses, mailing addresses, or other information that may identify an individual through Pendo. SolarWinds can connect the user to the data collected because we know the email addresses used to create accounts and match it to the hash made, but this data is not stored in Pendo.
Yes. Pendo uses state-of-the-art methods and tools to provide security of our data. You can read more about Pendo’s security here: Data Privacy and Security | Pendo.io
Yes. As with some of our other programs, you can opt-out of data collection from Pendo by following the steps in this link to a knowledge base article or you can opt-out as well by following steps outlined here.
Yes, we will remove your data as defined by our policies here.