Data protection

This document gives an overview of both the technical and organizational measures that we have put in place to keep your data safe.


Certified European data centers

Our main database and your feeds are stored in DigitalOcean-owned, European datacenters. These datacenters pass strict safety requirements, certifications, and are also GDPR-compliant. For more information see: https://www.digitalocean.com/trust/certification-reports/


Encryption

We encrypt data whenever possible. This means both while it is transported using industry-standard TLS and while it is stored. The disks in our datacenters are all encrypted at rest. We use modern TLS implementations and strong cipher choices.


Data deletion

Data deletion is done in accordance with industry-standard NIST 800-88.


Data replication

To ensure the safety and consistency of your data, we regularly back up your data (excluding Personal Identifiable Information (PII)), both on- and off-site. The backed up data is encrypted and stored in a physically secure facility. In the event of disaster, we are able to recover quickly since we test our data restoration procedure regularly.


Data consistency

We are strict about data consistency. We use stable and mature relational database technology and a strongly typed data model to realize this.


Anonymization

By default, ChannelDock automatically anonymizes any of your customer data that is handled, for e.g. order connections, after 90 days. Amazon is an exception to this, as PII data is only retained for less than 31 days. ChannelDock will only retain certain information that is fundamental to ensure that processes can be performed optimally.


Audit-ability

Actions within our tool are logged and tracked in a precise, structured format for auditing purposes. Server logs are centrally aggregated. This enables us to detect anomalies. We also keep detailed statistics about the performance of our infrastructure.


Found a problem?
Please contact us as soon as possible at
[email protected].