Security

Delivery you can trust.

Visisto is built for reliable, auditable contact delivery. Here is exactly how we protect your data and your system.

When a visitor submits a form on your website, Visisto is responsible for getting that contact to the right place — your email platform, your CRM, or your own systems. That delivery has to be reliable, verifiable, and safe. Every security feature in Visisto is designed around those three requirements.

All data transmitted between Visisto and your connected tools is encrypted in transit using TLS 1.3. Contact data stored in Visisto is encrypted at rest. Webhook payloads are signed so your endpoints can verify authenticity. Delivery failures retry automatically and are logged in full so you always know what was sent and when.

Visisto does not store payment information. Payment processing is handled exclusively by Stripe. Visisto receives only a subscription status from Stripe — no card numbers, bank details, or payment credentials are stored on Visisto infrastructure.

Signed webhook payloads

HMAC SHA-256 signatures on every outbound webhook request.

Every webhook request sent by Visisto includes an HMAC SHA-256 signature in the request headers. Your endpoint can verify this signature using your webhook secret to confirm that the request genuinely came from Visisto and has not been tampered with in transit. This prevents replay attacks and protects your systems from accepting spoofed payloads from unauthorised sources.
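The receiving side of this scheme, as an added example rather than Visisto's own code: recompute the HMAC over the raw request body and compare it to the presented signature in constant time. The page does not document the header name or digest encoding, so the header `X-Visisto-Signature`, the hex encoding and the sample secret and event are assumptions made for the example.

```python
import hashlib
import hmac
import json

# Assumption: the page states HMAC SHA-256 in the request headers but not the header
# name or encoding. This example uses a hypothetical header carrying a hex digest.
SIGNATURE_HEADER = "X-Visisto-Signature"


def sign_payload(secret: bytes, raw_body: bytes) -> str:
    """Sender side: hex HMAC-SHA256 over the exact bytes that go on the wire."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, raw_body: bytes, headers: dict) -> bool:
    """Receiver side. Always MAC the raw bytes, never a re-serialised JSON object:
    re-encoding can reorder keys or change whitespace and break the comparison.
    hmac.compare_digest avoids leaking the mismatch position through timing."""
    lookup = {k.lower(): v for k, v in headers.items()}
    presented = lookup.get(SIGNATURE_HEADER.lower())
    if not presented:
        return False
    expected = sign_payload(secret, raw_body)
    return hmac.compare_digest(expected, presented)


def handle_webhook(secret: bytes, raw_body: bytes, headers: dict) -> dict:
    """Minimal endpoint logic: reject unsigned or tampered requests before parsing."""
    if not verify_signature(secret, raw_body, headers):
        return {"status": 401, "accepted": False}
    event = json.loads(raw_body)
    return {"status": 200, "accepted": True, "email": event.get("email")}


# Constructed sample data: a made-up secret and a made-up contact event.
SAMPLE_SECRET = b"whsec_example_not_real"
SAMPLE_BODY = json.dumps({"event": "contact.created", "email": "a@example.com"}).encode()
SAMPLE_HEADERS = {SIGNATURE_HEADER: sign_payload(SAMPLE_SECRET, SAMPLE_BODY)}

if __name__ == "__main__":
    print(handle_webhook(SAMPLE_SECRET, SAMPLE_BODY, SAMPLE_HEADERS))
    tampered = SAMPLE_BODY.replace(b"a@example.com", b"b@example.com")
    print(handle_webhook(SAMPLE_SECRET, tampered, SAMPLE_HEADERS))
```

The signature proves origin and integrity of the bytes it covers. Rejecting a replayed request additionally depends on the receiver checking a timestamp or unique event identifier that is inside the signed payload; since the page does not describe those fields, that check is left to the reader.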

Automatic retries with exponential backoff

Failed deliveries retry automatically — no contacts lost.

If a delivery to an integration or webhook endpoint fails — for example, because your server is briefly unavailable — Visisto retries the request automatically. The first retry fires within 30 seconds. Subsequent retries follow an exponential backoff schedule over the next four hours. Every retry attempt is logged with its timestamp and response code so you have a full audit trail of each delivery attempt.

One-click delivery replay

Replay any failed delivery manually from the dashboard.

After a failed delivery, you can replay it with a single click once your endpoint is restored. The replayed request uses the original payload — the same data that was captured at the time of the original event. This means no data is lost due to temporary infrastructure issues, and you have full control over when and how deliveries are retried after an extended outage.
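A simulation of the retry and replay behaviour described in the two sections above, added here as an example and not taken from Visisto's code. The 30-second first retry and the four-hour window come from the page; the doubling factor, the one-hour cap on individual delays and the flaky endpoint are assumptions made for the example. Each attempt is recorded with its time and response code, and a replay resends the original bytes.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional

FIRST_RETRY_SECONDS = 30          # from the page: first retry within 30 seconds
RETRY_WINDOW_SECONDS = 4 * 3600   # from the page: retries continue over the next four hours
BACKOFF_FACTOR = 2                # assumption: the page does not state the growth factor
MAX_DELAY_SECONDS = 3600          # assumption: cap so later retries stay inside the window


def retry_schedule() -> List[int]:
    """Delay before each retry: doubling from 30 s, capped, and cut off once the
    cumulative wait would pass the four-hour window."""
    delays, total, delay = [], 0, FIRST_RETRY_SECONDS
    while total + delay <= RETRY_WINDOW_SECONDS:
        delays.append(delay)
        total += delay
        delay = min(delay * BACKOFF_FACTOR, MAX_DELAY_SECONDS)
    return delays


@dataclass
class Attempt:
    at: float              # simulated timestamp (seconds after the event)
    status: Optional[int]  # HTTP status code, or None if no response was received
    kind: str              # "initial", "retry" or "replay"


@dataclass
class Delivery:
    delivery_id: str
    payload: bytes         # frozen at event time; replays resend these exact bytes
    attempts: List[Attempt] = field(default_factory=list)

    @property
    def delivered(self) -> bool:
        return any(a.status is not None and 200 <= a.status < 300 for a in self.attempts)


Sender = Callable[[bytes], Optional[int]]


def deliver_with_retries(delivery: Delivery, send: Sender, now: float = 0.0) -> Delivery:
    """Initial attempt, then walk the backoff schedule until a 2xx or the schedule runs out.
    Every attempt is appended to the audit trail. Time is simulated through `now`
    so the example runs instantly."""
    delivery.attempts.append(Attempt(now, send(delivery.payload), "initial"))
    for delay in retry_schedule():
        if delivery.delivered:
            break
        now += delay
        delivery.attempts.append(Attempt(now, send(delivery.payload), "retry"))
    return delivery


def replay(delivery: Delivery, send: Sender, now: float) -> Delivery:
    """Manual replay once the endpoint is restored: same original bytes, logged as 'replay'."""
    delivery.attempts.append(Attempt(now, send(delivery.payload), "replay"))
    return delivery


def make_flaky_endpoint(failures_before_success: int) -> Sender:
    """Constructed stand-in for a customer endpoint that answers 503 a fixed number of times."""
    calls = {"n": 0}

    def send(payload: bytes) -> Optional[int]:
        calls["n"] += 1
        return 503 if calls["n"] <= failures_before_success else 200

    return send


if __name__ == "__main__":
    d = deliver_with_retries(Delivery("dlv_1", b'{"event":"contact.created"}'), make_flaky_endpoint(2))
    for a in d.attempts:
        print(f"{d.delivery_id} t+{a.at:>6.0f}s {a.kind:<7} status={a.status}")
```

In production a schedule like this would add random jitter to each delay so that many endpoints recovering at once do not retry in lockstep; it is omitted here so the timings are deterministic.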

Tenant-scoped access control

All API writes are scoped to your workspace — strict isolation.

Every API request in Visisto is authenticated and scoped to a specific workspace. It is architecturally impossible for one customer's data, widgets, or contacts to be accessed by another customer's API credentials. Workspace isolation is enforced at the database query level, not just at the application layer, meaning scoping is applied to every read and write operation regardless of how the request is made.
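What query-level scoping looks like, as an added illustration and not Visisto's schema or code. The workspace id is bound into the store from the authenticated credential, never read from request parameters, and every statement carries it, so a caller holding workspace B's credentials cannot read or delete workspace A's rows even when it guesses a valid contact id. The table layout and sample data are constructed for the example.

```python
import sqlite3
from typing import List, Optional, Tuple

# Constructed schema for the example; not Visisto's real data model.
SCHEMA = """
CREATE TABLE contacts (
    id INTEGER PRIMARY KEY,
    workspace_id TEXT NOT NULL,
    email TEXT NOT NULL
);
CREATE INDEX contacts_ws ON contacts (workspace_id);
"""


class WorkspaceScopedStore:
    """Every statement carries the workspace id fixed at construction time.
    A lookup of the form 'WHERE id = ?' alone would let any authenticated caller
    enumerate rows across tenants; the workspace predicate closes that gap."""

    def __init__(self, conn: sqlite3.Connection, workspace_id: str):
        self._conn = conn
        self._ws = workspace_id  # taken from the verified API credential, not the request

    def add_contact(self, email: str) -> int:
        cur = self._conn.execute(
            "INSERT INTO contacts (workspace_id, email) VALUES (?, ?)", (self._ws, email)
        )
        return cur.lastrowid

    def get_contact(self, contact_id: int) -> Optional[Tuple[int, str]]:
        return self._conn.execute(
            "SELECT id, email FROM contacts WHERE id = ? AND workspace_id = ?",
            (contact_id, self._ws),
        ).fetchone()

    def list_contacts(self) -> List[str]:
        rows = self._conn.execute(
            "SELECT email FROM contacts WHERE workspace_id = ? ORDER BY id", (self._ws,)
        )
        return [r[0] for r in rows]

    def delete_contact(self, contact_id: int) -> int:
        cur = self._conn.execute(
            "DELETE FROM contacts WHERE id = ? AND workspace_id = ?", (contact_id, self._ws)
        )
        return cur.rowcount


def demo_isolation() -> dict:
    """Two workspaces share one database; each store can only see its own rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    ws_a = WorkspaceScopedStore(conn, "ws_a")
    ws_b = WorkspaceScopedStore(conn, "ws_b")
    a_id = ws_a.add_contact("alice@example.com")
    ws_b.add_contact("bob@example.com")
    return {
        "a_sees_own": ws_a.get_contact(a_id) is not None,
        "b_sees_a": ws_b.get_contact(a_id) is not None,  # expected False
        "b_deletes_a": ws_b.delete_contact(a_id),        # expected 0 rows affected
        "a_list": ws_a.list_contacts(),
        "b_list": ws_b.list_contacts(),
    }


if __name__ == "__main__":
    print(demo_isolation())
```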

PII redaction in delivery logs

Personal data is redacted from logs — you control what is retained.

Delivery history logs show you the structure and status of each payload without storing raw personal data in the log records. Email addresses, phone numbers, and custom fields captured through widgets are transmitted to your integrations and webhooks but are not retained in plaintext in Visisto's delivery audit logs. This approach limits PII exposure in our logging infrastructure and simplifies compliance with GDPR data minimisation principles.
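One way to produce a log record that keeps payload structure and status while dropping the values, added as an example of the approach rather than Visisto's implementation. Each leaf value is replaced by its kind and length, with simple email and phone patterns so an operator can still see which fields were present. The sample event, field names and the `contains_plaintext` check are constructed for the example.

```python
import json
import re
from typing import Any, Dict

# Deliberately simple patterns: their job is to label a field's kind, not to validate it.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
PHONE_RE = re.compile(r"^\+?\d[\d \-()]{6,}$")


def classify(value: Any) -> str:
    """Name the kind of a leaf value without revealing it."""
    if value is None:
        return "null"
    if isinstance(value, bool):
        return "bool"
    if isinstance(value, (int, float)):
        return "number"
    if isinstance(value, str):
        if EMAIL_RE.match(value):
            return "email"
        if PHONE_RE.match(value):
            return "phone"
        return "string"
    return type(value).__name__


def redact_shape(payload: Any) -> Any:
    """Keep keys and nesting; replace every leaf with '<kind:length>' so the log shows
    what was delivered but never whose data it was."""
    if isinstance(payload, dict):
        return {k: redact_shape(v) for k, v in payload.items()}
    if isinstance(payload, list):
        return [redact_shape(v) for v in payload]
    if isinstance(payload, str):
        return f"<{classify(payload)}:{len(payload)}>"
    return f"<{classify(payload)}>"


def build_log_record(delivery_id: str, payload: Dict[str, Any], status: int, attempted_at: str) -> Dict[str, Any]:
    """The record written to delivery history: delivery metadata plus the redacted shape."""
    return {
        "delivery_id": delivery_id,
        "status": status,
        "attempted_at": attempted_at,
        "payload_shape": redact_shape(payload),
    }


def contains_plaintext(record: Dict[str, Any], payload: Dict[str, Any]) -> bool:
    """Self-check: True if any string leaf of the payload survives in the serialised record."""
    serialised = json.dumps(record)
    leaves = []

    def walk(v: Any) -> None:
        if isinstance(v, dict):
            for x in v.values():
                walk(x)
        elif isinstance(v, list):
            for x in v:
                walk(x)
        elif isinstance(v, str):
            leaves.append(v)

    walk(payload)
    return any(leaf in serialised for leaf in leaves)


# Constructed sample event; the contact details are fictitious.
SAMPLE_EVENT = {
    "event": "contact.created",
    "contact": {"email": "ada@example.com", "phone": "+44 20 7946 0958", "name": "Ada Lovelace"},
    "custom_fields": {"company": "Analytical Engines Ltd", "consent": True},
    "widget_id": "wgt_example_123",
}

if __name__ == "__main__":
    rec = build_log_record("dlv_1", SAMPLE_EVENT, 200, "2024-01-01T00:00:00Z")
    print(json.dumps(rec, indent=2))
    print("plaintext leaked:", contains_plaintext(rec, SAMPLE_EVENT))
```

Lengths are kept because they help debug malformed deliveries (an empty email, an oversized custom field) without exposing the value; if even a length is considered too revealing for a given field, drop it to `<kind>` alone.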

SSRF protection on outbound hooks

Outbound webhook requests are validated to prevent internal network access.

Before Visisto sends a webhook to any configured endpoint, the destination URL is validated to prevent Server-Side Request Forgery (SSRF) attacks. Requests to private IP ranges, loopback addresses, and internal network ranges are blocked. This ensures that webhook configuration cannot be used to probe or access internal infrastructure — yours or ours.
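A destination check of the kind described, written as an added example and not Visisto's code. It rejects non-HTTPS schemes and credentials in the URL, resolves the hostname to every address it has, and refuses the request if any answer is loopback, private, link-local, multicast, reserved or in the shared address space, unwrapping IPv4-mapped IPv6 literals so they cannot smuggle a private IPv4 address through. The HTTPS-only rule, the resolver injection and the fake DNS table are assumptions made so the example runs offline.

```python
import ipaddress
import socket
from typing import Callable, List, Tuple
from urllib.parse import urlsplit

# Assumption: the page does not state which schemes are accepted; HTTPS only is used here.
ALLOWED_SCHEMES = {"https"}
SHARED_ADDRESS_SPACE = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598, not flagged by is_private


def is_public_address(ip: str) -> bool:
    """True only for an address that is safe to contact from the webhook sender."""
    addr = ipaddress.ip_address(ip)
    # '::ffff:10.0.0.1' is an IPv6 literal that really targets 10.0.0.1; check the inner address.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if addr.version == 4 and addr in SHARED_ADDRESS_SPACE:
        return False
    return not (
        addr.is_private or addr.is_loopback or addr.is_link_local
        or addr.is_multicast or addr.is_reserved or addr.is_unspecified
    )


def resolve_all(host: str) -> List[str]:
    """Default resolver: every A/AAAA answer, because an attacker-controlled name
    can return a mix of public and private addresses."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_webhook_url(url: str, resolver: Callable[[str], List[str]] = resolve_all) -> Tuple[bool, str]:
    """Return (allowed, reason). Reject before any connection is attempted."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    try:
        candidates = [str(ipaddress.ip_address(host))]  # literal IP: no DNS involved
    except ValueError:
        try:
            candidates = resolver(host)
        except OSError:  # socket.gaierror is an OSError subclass
            return False, "hostname does not resolve"
    if not candidates:
        return False, "hostname does not resolve"
    for ip in candidates:
        if not is_public_address(ip):
            return False, f"resolves to non-public address {ip}"
    return True, "ok"


# Constructed DNS table so the example runs without network access.
FAKE_DNS = {
    "hooks.example.com": ["93.184.216.34"],
    "rebind.example.net": ["93.184.216.34", "10.0.0.5"],   # mixed answers: reject
    "metadata.example.internal": ["169.254.169.254"],       # link-local: reject
}


def fake_resolver(host: str) -> List[str]:
    if host not in FAKE_DNS:
        raise socket.gaierror("no such host")
    return FAKE_DNS[host]


if __name__ == "__main__":
    for u in ("https://hooks.example.com/in", "https://rebind.example.net/in",
              "https://127.0.0.1/in", "https://[::ffff:10.0.0.1]/in", "http://hooks.example.com/in"):
        print(u, validate_webhook_url(u, fake_resolver))
```

Two caveats a sender also needs: connect to the address that was validated (pin it) rather than resolving the name a second time, since a name can change between check and use, and apply the same check to every redirect target instead of following redirects automatically.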

Infrastructure and compliance

Visisto is hosted on infrastructure that supports industry-standard security practices including encryption at rest, network isolation, and automated vulnerability scanning. All Visisto services communicate over private networks with no public exposure except at explicitly defined API boundaries.

Visisto processes personal data as a data processor on behalf of our customers (the data controllers) in accordance with GDPR. Our privacy policy defines our data processing activities, the legal bases we rely on, and the rights available to data subjects. Customers are responsible for ensuring their use of Visisto's contact capture features complies with applicable privacy regulations in their jurisdiction, including obtaining appropriate consent from website visitors before capturing their contact data.

We take a minimal data approach to logging and telemetry. Application logs capture system events and error states — not personal data or contact payloads. This limits our exposure surface and simplifies compliance with data minimisation requirements under GDPR Article 5.

Responsible disclosure

If you discover a potential security vulnerability in Visisto, we ask that you report it to us privately before public disclosure so we can investigate and address it. Please send a description of the issue, steps to reproduce, and any proof of concept to security@visisto.com. We will acknowledge your report within two business days and aim to resolve confirmed vulnerabilities within 30 days. We appreciate the security community's help in keeping Visisto safe for all customers.