Pelt8 Data Hosting Policy

Data Security and Backup Policy

1. Data Location and Security
  • All data is stored in the Switzerland North Azure Region.

  • Data is encrypted at rest for enhanced security.

2. Backups and Recovery
  • Regular backups are conducted to safeguard against data loss.

  • Data recovery methods depend on specific circumstances and may involve custom scripts.

  • Data recovery time varies based on the task but typically takes several hours.

3. Data Protection
  • Redundant storage solutions are in place, including Zone-redundant storage for database data.

  • Physical hazards like fire and water damage are protected against, as detailed in the Datacenter environmental safeguards.

4. Security Measures
  • Access to the application and its API is strictly controlled through Microsoft authentication.

  • Two-factor authentication (2FA) is mandatory for user authentication.

  • Database access is restricted to a private endpoint within the virtual network, also requiring Microsoft Entra authentication.

5. Disaster Recovery and Incident Response
  • Disaster recovery planning is discussed in Azure SQL Database disaster recovery guidance.

  • In the event of a security incident, an investigation is launched to assess the situation, and client notification occurs as necessary.

  • Corrective measures are implemented to prevent similar incidents in the future.

6. Data Export and Retention
  • Data can be exported by permitted users, including selected administrators.

  • Data retention follows specified backup and retention policies.

  • Data is deleted upon contract termination.

7. Certifications and Compliance
  • Pelt8 is actively working to secure test certificates and certifications as the company and resources grow.

  • Data export, retention, and compliance are managed according to policies.