Quriobot, the technical details

Quriobot very easily integrates with any platform, browser, and device. Mobile-first and thus fully responsive it automatically adjusts to any screen size and even works within your apps.

Quriobot respects that you are very serious about (the security of your data) and so are we! This means we follow the highest standards in security and (data protection) law. Quriobot doesn’t want your data if you don’t want that! We built our system for you to fully transparently use our services allowing you to choose where data is being stored. All data could, for example, go straight back to your own secured servers without it ever touching ours or you choose to only do this with sensitive data like personal data so you can still use our awesome reporting services.

Quriobot API

Quriobot can connect to your API to integrate and expose your (web)services via our Quriobot in Conversational UI style. It can display any data you expose via API or call you API to store that data securely on your own systems. If you want more information on how we can do that please contact us.

Security considerations

Some clients have strict rules of NOT storing any user data with external parties. Quriobot was built with this in mind and can be used in such a way that it stores response data solely with the client’s public API.

By public API we mean the API which is accessible via web. This doesn’t mean that the page where our QB runs can’t have security protection. For example, this can very well be an auth-protected webpage. QB, working in a context of that page, can access secure data for use in the conversation of the bot and send responses back to the same domain with an AJAX call without sending any data to QB webservice.

An example of such a use-case is our implementation for Bazaarvoice who does product reviews via Quriobot. After a consumer finishes their review via Quriobot the response data is sent to their own API. This example also sends data to the QB web service to be able to build a reporting for them, but that part can be switched off if this suits the needs (and/or policies) of the client. The example can be viewed here:  https://quriobot.com/bazaarvoice

Data storage

With Quriobot you have the freedom to choose where and how data will be stored. By default, all collected data is stored on our secure servers with the main benefit that this can then be represented in our back-office in our reporting. But we understand that you don’t always want to store everything with us, for example, personal data from your clients. That’s why we offer you the possibility to send this data straight back to your own servers without it being stored on our side and as soon as the Quriobot is completed or the browser session ends (whatever comes first) the data is gone.

Quriobot has its secured servers set up with AWS in Ireland which is fully EU Data Protection compliant: https://aws.amazon.com/compliance/eu-data-protection/

Quriobot uses AWS RDS (MySQL) service for storage. It is set up inside of the VPC (isolated network), which is only directly accessible within the internal services of ours). When the response is sent to our response API endpoint, response API calls internal data API service, which, by our hardening standards, is the only service that has direct access to the database.

Response data is inserted into a single table (potentially sharded into several databases or tables) as one record per response in the database table. Response data is stored as a single JSON value which allows further data processing without any potential data loss during the saving phase.

Browser Local Storage

Quriobot state is stored in the browser local storage (web storage) to be able to restore the state of the unfinished Quriobot when the page is reloaded intentionally or unintentionally.

This also allows the flexibility for the destination where the response data goes (our servers/client servers/both) as described above.

There’s no tracking data coming from the server saved in the local storage.

A cookie session is only used to save the open/closed events of the Quriobot so purely a user interface related and no user data is stored in the cookies.

Edit this page

Tags
See also