Pelt8 Data Hosting Policy
Data Security and Backup Policy
1. Data Location and Security
All data is stored in the Switzerland North Azure Region.
Data is encrypted at rest for enhanced security.
2. Backups and Recovery
Regular backups are conducted to safeguard against data loss.
Data recovery methods depend on specific circumstances and may involve custom scripts.
Data recovery time varies based on the task but typically takes several hours.
3. Data Protection
Redundant storage solutions are in place, including Zone-redundant storage for database data.
Physical hazards like fire and water damage are protected against, as detailed in the Datacenter environmental safeguards.
4. Security Measures
Access to the application and its API is strictly controlled through Microsoft authentication.
Two-factor authentication (2FA) is mandatory for user authentication.
Database access is restricted to a private endpoint within the virtual network, also requiring Microsoft Entra authentication.
5. Disaster Recovery and Incident Response
Disaster recovery planning is discussed in Azure SQL Database disaster recovery guidance.
In the event of a security incident, an investigation is launched to assess the situation, and client notification occurs as necessary.
Corrective measures are implemented to prevent similar incidents in the future.
6. Data Export and Retention
Data can be exported by permitted users, including selected administrators.
Data retention follows specified backup and retention policies.
Data is deleted upon contract termination.
7. Certifications and Compliance
Pelt8 is actively working to secure test certificates and certifications as the company and resources grow.
Data export, retention, and compliance are managed according to policies.