Data Hosting, Backup, and Deletion

Version 01 July 2024 


The following Pelt8 DATA HOSTING, BACKUP, AND DELETION POLICY describes how Pelt8 hosts the Customer Data.

The current version of the DATA HOSTING, BACKUP, AND DELETION POLICY is published on the Provider's website (https://www.pelt8.com/legal/data-hosting-policy).  

  

  1. DATA SECURITY 

The Provider ensures that stored data is accessible over the Internet to the extent of technical possibilities. Appropriate precautions, including regular data backups, virus checks, and firewall installations, are taken to prevent data loss and unauthorized third-party access, in accordance with the Contractor’s Data Security Policy; the current version is published on the Contractor's website (https://www.pelt8.com/legal/data-security). 


  1. DATA HOSTING & LOCATION  

All data is securely stored in the Switzerland North Azure Region and is encrypted at rest for enhanced security. Redundant storage solutions, such as Zone-redundant storage, are employed to safeguard data against physical hazards like fire and water damage (see Datacentre environmental safeguards).  

Other storage locations can be used upon request. 


  1. DATA ACCESS AND CONTROL 

Access to the application and API is strictly controlled using Microsoft authentication, with mandatory two-factor authentication (2FA) for user authentication. Database access is restricted to a private endpoint within the virtual network, requiring Microsoft Entra authentication. The Licensed Company retains exclusive rights to the data and can request the Provider to release specific or all data during the contract term. Data will be transmitted in the format used by the Provider, and a reasonable fee may be charged for data release. 


  1. DATA BACKUP AND RECOVERY 

The Pelt8 Platform does not replace the need for the Licensed Company to maintain regular data backups. If Licensed Company Data is lost, destroyed, damaged, or corrupted due to Pelt8’s systems, Pelt8's sole obligation is to restore the data from the most current backup. Regular backups are conducted, and recovery methods are tailored to specific circumstances, typically taking several hours. Disaster recovery planning adheres to Azure SQL Database disaster recovery guidance. In the event of a security incident, a thorough investigation is conducted, and clients are promptly notified. Corrective measures are implemented to prevent future incidents. 


  1. DATA EXPORT AND RETENTION 

Permitted users, including selected administrators, can export data. Data retention aligns with specified backup and retention policies. Upon contract termination, all data is deleted within 30 days unless legal obligations require longer retention. Pelt8 ensures the deletion of all submitted data, including private data, in compliance with the Data Processing Agreement (DPA) and Privacy Policy. 


  1. CONTINUITY AND COMPLIANCE 

In the event of Pelt8's liquidation or cessation of operations, Pelt8 ensures uninterrupted access to Licensed Company data by implementing necessary measures such as data backups and secure data transfer protocols. Pelt8 actively pursues relevant certifications and compliance with regulatory requirements. Data export, retention, and compliance are managed in accordance with established policies. 

 

Version 01 July 2024 


The following Pelt8 DATA HOSTING, BACKUP, AND DELETION POLICY describes how Pelt8 hosts the Customer Data.

The current version of the DATA HOSTING, BACKUP, AND DELETION POLICY is published on the Provider's website (https://www.pelt8.com/legal/data-hosting-policy).  

  

  1. DATA SECURITY 

The Provider ensures that stored data is accessible over the Internet to the extent of technical possibilities. Appropriate precautions, including regular data backups, virus checks, and firewall installations, are taken to prevent data loss and unauthorized third-party access, in accordance with the Contractor’s Data Security Policy; the current version is published on the Contractor's website (https://www.pelt8.com/legal/data-security). 


  1. DATA HOSTING & LOCATION  

All data is securely stored in the Switzerland North Azure Region and is encrypted at rest for enhanced security. Redundant storage solutions, such as Zone-redundant storage, are employed to safeguard data against physical hazards like fire and water damage (see Datacentre environmental safeguards).  

Other storage locations can be used upon request. 


  1. DATA ACCESS AND CONTROL 

Access to the application and API is strictly controlled using Microsoft authentication, with mandatory two-factor authentication (2FA) for user authentication. Database access is restricted to a private endpoint within the virtual network, requiring Microsoft Entra authentication. The Licensed Company retains exclusive rights to the data and can request the Provider to release specific or all data during the contract term. Data will be transmitted in the format used by the Provider, and a reasonable fee may be charged for data release. 


  1. DATA BACKUP AND RECOVERY 

The Pelt8 Platform does not replace the need for the Licensed Company to maintain regular data backups. If Licensed Company Data is lost, destroyed, damaged, or corrupted due to Pelt8’s systems, Pelt8's sole obligation is to restore the data from the most current backup. Regular backups are conducted, and recovery methods are tailored to specific circumstances, typically taking several hours. Disaster recovery planning adheres to Azure SQL Database disaster recovery guidance. In the event of a security incident, a thorough investigation is conducted, and clients are promptly notified. Corrective measures are implemented to prevent future incidents. 


  1. DATA EXPORT AND RETENTION 

Permitted users, including selected administrators, can export data. Data retention aligns with specified backup and retention policies. Upon contract termination, all data is deleted within 30 days unless legal obligations require longer retention. Pelt8 ensures the deletion of all submitted data, including private data, in compliance with the Data Processing Agreement (DPA) and Privacy Policy. 


  1. CONTINUITY AND COMPLIANCE 

In the event of Pelt8's liquidation or cessation of operations, Pelt8 ensures uninterrupted access to Licensed Company data by implementing necessary measures such as data backups and secure data transfer protocols. Pelt8 actively pursues relevant certifications and compliance with regulatory requirements. Data export, retention, and compliance are managed in accordance with established policies. 

 

Version 01 July 2024 


The following Pelt8 DATA HOSTING, BACKUP, AND DELETION POLICY describes how Pelt8 hosts the Customer Data.

The current version of the DATA HOSTING, BACKUP, AND DELETION POLICY is published on the Provider's website (https://www.pelt8.com/legal/data-hosting-policy).  

  

  1. DATA SECURITY 

The Provider ensures that stored data is accessible over the Internet to the extent of technical possibilities. Appropriate precautions, including regular data backups, virus checks, and firewall installations, are taken to prevent data loss and unauthorized third-party access, in accordance with the Contractor’s Data Security Policy; the current version is published on the Contractor's website (https://www.pelt8.com/legal/data-security). 


  1. DATA HOSTING & LOCATION  

All data is securely stored in the Switzerland North Azure Region and is encrypted at rest for enhanced security. Redundant storage solutions, such as Zone-redundant storage, are employed to safeguard data against physical hazards like fire and water damage (see Datacentre environmental safeguards).  

Other storage locations can be used upon request. 


  1. DATA ACCESS AND CONTROL 

Access to the application and API is strictly controlled using Microsoft authentication, with mandatory two-factor authentication (2FA) for user authentication. Database access is restricted to a private endpoint within the virtual network, requiring Microsoft Entra authentication. The Licensed Company retains exclusive rights to the data and can request the Provider to release specific or all data during the contract term. Data will be transmitted in the format used by the Provider, and a reasonable fee may be charged for data release. 


  1. DATA BACKUP AND RECOVERY 

The Pelt8 Platform does not replace the need for the Licensed Company to maintain regular data backups. If Licensed Company Data is lost, destroyed, damaged, or corrupted due to Pelt8’s systems, Pelt8's sole obligation is to restore the data from the most current backup. Regular backups are conducted, and recovery methods are tailored to specific circumstances, typically taking several hours. Disaster recovery planning adheres to Azure SQL Database disaster recovery guidance. In the event of a security incident, a thorough investigation is conducted, and clients are promptly notified. Corrective measures are implemented to prevent future incidents. 


  1. DATA EXPORT AND RETENTION 

Permitted users, including selected administrators, can export data. Data retention aligns with specified backup and retention policies. Upon contract termination, all data is deleted within 30 days unless legal obligations require longer retention. Pelt8 ensures the deletion of all submitted data, including private data, in compliance with the Data Processing Agreement (DPA) and Privacy Policy. 


  1. CONTINUITY AND COMPLIANCE 

In the event of Pelt8's liquidation or cessation of operations, Pelt8 ensures uninterrupted access to Licensed Company data by implementing necessary measures such as data backups and secure data transfer protocols. Pelt8 actively pursues relevant certifications and compliance with regulatory requirements. Data export, retention, and compliance are managed in accordance with established policies.