Performance & Security
No. Static images do not affect your page speed once uploaded as badges (they are “lazy-loaded”). Images should be optimized before they are uploaded. If you have a big image (e.g., 1MB) as your thumbnail you should first resize it. Sizing itself won’t affect your page speed, but it will affect how the badge looks.
The average size of the snippet is below 50kb (+- 20kb gzip) which means it loads on average within 50 milliseconds.
Crobox loads scripts, fonts, images and fetches data from 2 domains, so you need to add
cdn.crobox.io api.crobox.com. to the
default-srcif not using those specifics) sections. Next Crobox creates the stylesheets dynamicly so
'unsafe-inline'must be in the
style-srcsection. Other third-parties that might be used are Google Fonts and Unsplash, so the resources of them also needs to be whitelisted if not already included. Depending on how strict the policy is applied you might also have to add
script-srcsince this is used for the Crobox preview mode.
DOMContentLoadedevent before it starts executing the logic.
From that logic it will request a promotion from our API to show to the visitor. The average response time of our promotion endpoint is around 15ms. This ensures that the whole roundtrip and rendering to the DOM happens within the blink of an eye.
Any user can easily opt-out; clients don't need any custom integration for this. After opting out, the Crobox tracking cookie (if available) will be deleted and a new cookie will be set indicating that the specific user does not want to be tracked over (new) sessions. After opting out, no personal data will be collected anymore and no profile will be created / updated.
The client is the owner of the data, but the data is stored at external servers managed by Crobox. Part of the data can be accessed using our dashboard and/or Application Program Interface (API). Data is stored separately from other clients and is not used for or by other clients, domains and/or used for other abstraction or reporting means.
Crobox tracks click behavior of individual users. This behavior is collected, processed and then encoded into a personal profile. Click behavior is interpreted as - though not limited to - tracking events and/or page views of a specific user to record whether he/she engages with a specific link, image and/or product.
The cookie controlled by Crobox contains a randomly unique identifier (UUID) that tracks the user over multiple sessions. Its expiration date is set to 180 days. If the client has the possibility to send us an UUID, there is no cookie setting required resulting in no Crobox cookie stored at all.
This is the responsibility of the client. Crobox only sets the expiration date to 180 days.
We comply with most stringent security policies. All data is stored in a EU-based datacenter. But we do use services from US-based companies for distribution and backup.
Any eCommerce platform such as Demandware, Magento, Intershop, or Woocommerce.