Select Page

Secure & Compliant

One of the main benefits of Surfly’s co-browsing solution, compared to a screen sharing solution, is that there is no need to gain or give access to a computer and no installation of software or plugins required. The shared web session is fully isolated to a single browser tab, and by closing this tab the session ends automatically.

We take security seriously. We approach security by incorporating state-of-the-art functionality which allows you to clearly separate who is in control of the session and who can see what. Surfly itself is built and deployed with a secure-first approach monitored 24/7.

Secure Cloud or On-Premise

Surfly is hosted in data centers worldwide with the highest level of security, fully compliant with
industry standards.


gdpr logo surfly

GDPR Compliant

ISO 27001



We got your back

For our clients with stringent security and privacy needs we offer – apart from our secure cloud solution – the option to self-host the solution on their own premises. This allows you to treat Surfly as a black box where you can strictly monitor and define what comes in and goes out.

Secure Functionality

Secure Control Switching

Govern what an agent can see when customers input their personal information during a session.

White & Black Listing

Control access: Either allow or deny access and privileges to specific white or black listed members.

Action Audit

Make all session actions accountable. Our audit log tracks all session actions and optionally expands to custom user events.

Behavior Control

Control what an agent can or cannot do, customize your flow to make sure only your customer can click a certain button, i.e. a buy button.

Security by Implementation

No Data is Stored

A Surfly session does not store any session data and personal information to disk. This is enforced along the full stack and all of our partners. When nothing is being stored, nothing can be lost.

Data in Transit is Encrypted

We use strong SHA-256 SSL encryption for data in transit. The same kind of encryption your bank uses.

Audit Controls

Access to the servers is strictly limited to a select group of verified persons with comprehensive and audible logs of user activities.

Isolated Control

Only the person who controls the session has access to session secrets. Others who join your session only get access to the content that they are allowed to see, with optional data filtering and removal options.

Privacy Control

Companies that integrate Surfly can fully customize what should and should not be accessible within a Surfly session.

WordPress Lightbox Plugin