Overview
Integrous Analytics reveals where revenue comes from by connecting attribution data from lead interactions through your sales funnel. We work with your existing tech stack to provide secure analytics and attribution intelligence.
This article outlines our system architecture, data flow, and security model to help IT and security teams evaluate integration requirements and compliance boundaries.
Security Highlights
Full customer control over all business systems and data flows
Scoped access limited to Salesforce objects and fields needed for reporting
No access to marketing automation platforms, web chat tools, or API systems
No PII stored in the analytics environment
Strict separation between customer environments in Integrous infrastructure
Clear boundaries between customer-managed and Integrous-managed systems
Enterprise-grade infrastructure (SOC 2, ISO 27001 certified)
End-to-End Data Pipeline Overview
Attribution Data Capture and Flow into BI Reporting:
JavaScript (Customer Website)
↓ [Form Submission, Web Chat, APIs, etc.]
Customer-Controlled Data Systems (Marketing Automation Platform, Web Forms, Custom APIs, etc.)
↓ [Customer-Managed Integration]
Salesforce (Customer-Managed)
↓ [Enterprise ETL Tools - Data Extraction]
Snowflake (Integrous-Managed)
↓ [Data Processing Layer]
Business Intelligence Platform (Integrous-Managed)
Attribution Data Transformation for Clean Summary Reporting:
Attribution Data Mapping (Customer-Defined via Mapping Interface)
↓ [Customer-Defined Attribution Rules]
Snowflake (Integrous-Managed)
↓ [Attribution Data Updates - Package Fields Only]
Salesforce (Customer-Managed)
Security Boundary:
Customer-Managed Environment: JavaScript → Customer Data Systems → Salesforce
Integrous-Managed Environment:
Read: Salesforce → Enterprise ETL Tools → Snowflake → Data Processing Layer → Business Intelligence Platform
Limited Write: Attribution Data Mapping (Customer-Defined via Mapping Interface) → Snowflake → Salesforce (attribution fields only, within managed package scope)
Client-Side JavaScript Tracking
Purpose: Web attribution tracking for marketing campaigns and user journey analytics
Security Features:
First-party script runs only on customer-owned domains
Privacy-first, cookieless implementation
Uses browser local storage only—no data transmission until user-initiated form submission
CCPA and GDPR compliant by design
No third-party cookies or cross-site tracking
Optional temporary cross-domain caching (ephemeral storage) to allow attribution data passing between customer-owned domains
For more info, see the JavaScript Overview article.
Customer-Managed Data Capture Systems
Purpose: Lead capture, marketing workflows, and attribution data processing
Data Flow: Attribution data from JavaScript is captured via customer-controlled systems (marketing automation platforms, web chat, APIs, direct integrations, etc.)
Common Examples:
Marketing automation platforms (HubSpot, Marketo, Pardot)
Web chat systems and chatbots
Custom APIs and direct integrations
Product signup flows and customer portals
Lead capture forms and landing page systems
Channel deal registrations
Customer list uploads for offline interactions
Security Model:
Customer fully owns and administers their data capture systems
Customer controls all form configurations, API endpoints, and data processing logic
Customer manages lead list uploads and data import processes
Integrous does not access these systems directly
Customer controls how attribution data flows into Salesforce
For more info, see the Web Form Attribution article.
Customer-Managed CRM Integration (Salesforce)
Purpose: Lead lifecycle management, sales tracking, and opportunity attribution
Data Flow: Customer data capture systems → Salesforce via customer-managed integrations and processes
Security Model:
Customer fully owns and administers their Salesforce environment
Customer manages and maintains all data integrations feeding into Salesforce
Permissions: Integrous Analytics managed package installed with limited permissions to collect attribution and sales funnel data for reporting (restricted to managed package custom fields unless explicitly configured to update a standard field)
Functionality: Package creates custom object records (Engagement records) and processes customer-defined data mapping rules
No access to core CRM logic or standard Salesforce objects outside package scope
Integrous-Managed Data Warehouse (Snowflake)
Purpose: Centralized data repository for analytics and business intelligence
Data Sources:
Extraction: Subset of Salesforce records and fields via enterprise ETL tools (ETL processes exclude PII; focus on attribution, engagement, and sales funnel performance metrics necessary for business intelligence)
Input: Customer-defined data mapping rules via mapping interface for attribution standardization
Additional Sources: Customer's paid marketing platforms (Google Ads, etc.) and other customer-authorized marketing data sources via enterprise ETL tools
Security Model:
Integrous owns and controls Snowflake infrastructure (SOC 2 Type II, ISO 27001 certified)
Read access to customer Salesforce systems for reporting data extraction
Limited write-back to Salesforce attribution fields based on customer-defined mapping rules
Limited to attribution data within managed package scope
Data pipelines use enterprise-grade ETL tools with established security protocols and encryption
Data partitioned by customer across all analytics layers to ensure complete separation between customer environments
No customer PII stored in data warehouse
Integrous-Managed Business Intelligence Platform
Purpose: Visual dashboards for Executives, Sales, Marketing, and RevOps teams
Data Flow: Business intelligence platform reads processed and modeled data from Snowflake
Security Model:
Integrous owns and manages business intelligence infrastructure
Customer access via viewer licenses
ETL processes exclude PII and focus on attribution and sales funnel performance data for compliance and security