This document covers frequently asked questions about Appcues for web, for detailed information about Appcues for mobile refer to the information in the Mobile section or contact us.

What is Appcues?

Appcues is an in-app user engagement platform meant to empower your non-technical colleagues. It allows them to create targeted modals, guided tours and other types of user experiences without having to burden engineering with the implementation. Someone from marketing, product or support can create and publish a flow to the right user at the right time.

The platform is made of two parts:

1. A web application used to design and publish flows—modals, guided tours, etc.—without any code.
2. An in-app SDK that delivers flows to your application for the intended users.

How does this help my team?

As an engineer, how often do you get these kinds of questions?

• "Can you add a modal in the app when someone signs in for the 4th time?" — The marketing team
• "We just launched a new feature. Can you come up with a few tooltips that teach someone how to use it?" — Some product manager
• "People keep getting confused by this. Can you add a little beacon to call out this text, but only for admin users?" — A support rep

You're a team player and want to help, but these kinds of tasks aren't a good use of your time. You should be working on the hard problems—building distributed systems, upgrading your frontend framework, fixing critical bugs. Likewise, your non-technical colleagues don't enjoy bothering you either. They know you have an endless backlog and are in the middle of an important sprint.

Everyone just wants to be able to do their own job effectively.

If your team was using Appcues, they'd be able to do those tasks and much more, immediately and without requiring help from you.

How do I install Appcues?

Follow the step-by-step guide in Appcues. The guide has copyable snippets for each step, tailored to the front-end stack you select. Here's a more detailed overview. 

Installing Appcues involves a few steps:

1. Adding our SDK to every page in your application where you want to use Appcues 
2. Re-initializing Appcues upon page loads 
3. Passing a unique user identifier and additional user/group properties
4. Calling appcues.Group(); to associate the currently identified user to a group (recommended)
5. Tracking events (optional) 

For more advanced integrations, check our full Javascript API.

Does this affect the performance of my application?

Improving app performance is an important concern for a mature engineering team, and third-party tools should be measured with the same, if not higher, standards as internal libraries.

The Appcues SDK is designed and operates in a way that minimizes the performance impact of installing it in your application. The SDK is delivered by a content delivery network (CDN) called Fastly, the same one used by Github and Twitter, to ensure rapid loading times.

The SDK can be loaded asynchronously to further lessen the impact on page load times, and our team constantly monitors the loading performance to make optimizations.

You can view our track record and current performance from the Service Status page.

Is Appcues secure?

Appcues does not collect any user-entered text or information within form fields in your application. Appcues' application and data are hosted and stored in Amazon Web Services (AWS) and the Google Cloud Platform (GCP) where they share the same infrastructure as Amazon and Google's primary services. Both allow Appcues to operate in a robust, fully multi-tenant infrastructure with the same reliability, performance, and security characteristics of their parent companies. Both vendors are SOC 2, SOC 3, ISO 27001, and PCI compliant, and both complete multiple independent security audits annually.

All of the application data collected by Appcues is transmitted over SSL, encrypted both in transit and at rest. You can read more about our  Security Practices from our website.

Appcues is fully compliant with GDPR. You can read our full statement on GDPR compliance on our  Privacy Policy from our website. We also have a standard DPA, including the Standard Contractural Clauses (SCCs), that is available to all customers. If you'd like to execute our standard DPA, please contact security@appcues.com.  More information can be found on the Appcues Trust Page.

If you need to ensure that only users you verify can send data to Appcues and see Appcues experiences targeted to them, consider setting up Identity Verification.  

See the Appcues Shared Responsibility Model for Privacy and Security for more information.

Can I install without sharing any PII?

Appcues does not require any end user PII (personally identifiable information) for a successful implementation.

The only PII that will automatically be shared with Appcues is the names and email addresses of admins and content creators (employees of your company that sign in to the Appcues platform to create content or view results).

To avoid sharing any end-user PII with Appcues, follow these 2 steps:

1. Choose a non-identifiable unique user ID during installation (not an email address).
2. Exclude any PII from the list of user properties and events shared with Appcues for user segmentation, targeting, and personalization. This shouldn't impact your ability to fully use the Appcues platform, aside from adding personal touches such as adding {{ first_name }} into Appcues experiences. Stick to non-PII attributes such as "created date", "role", "plan type", "logged in" event, etc. 

Note: If you plan to use open feedback surveys in your product via Appcues, frame the questions in a way that will not invite users to add PII in their answers.

How should I choose a User ID?

Appcues recommends choosing opaque and hard-to-guess user IDs, such as a UUID.

Choosing user IDs that are easy to guess, such as sequential numbers or email addresses, introduces a couple of potential problems with the security and data integrity of your installation.

1. If an ID can be guessed, someone could upload false or junk profile information to your users' profiles. This could potentially introduce targeting errors for those users.
2. If you use personalization, someone could spoof their user ID in order to qualify for flows that don't belong to them, allowing them to retrieve the data fields used to personalize those flows.

For these reasons, Appcues recommends choosing a user ID that is difficult to guess, and not based on any data that could easily be looked up online, such as the user's name or email address.

Can I send account-level properties in addition to user-specific properties?

Yes, in addition to tracking specific properties on the user level, Appcues also supports group calls which will allow you to connect an individual user to one or more groups.

Does Appcues have a public API?

Yes, the Appcues public API can access flow information, update segments & user profiles, and bulk import & export data.

What else should an engineer know about Appcues?

Our product is built by real people who care a lot about software and the craft of making high-quality software tools and platforms. You can view our open-source contributions on Github.