Data Security and Privacy
Learn about how we protect your data.
Infrastructure Security
Data Centers
- SOC 2 Type II certified facilities
- Geographic redundancy (US, EU, APAC)
- 24/7 physical security
- Biometric access controls
Network Security
- DDoS protection
- Web Application Firewall (WAF)
- Intrusion detection systems
- Regular penetration testing
Data Protection
Encryption
- In Transit: TLS 1.3
- At Rest: AES-256 encryption
- Database: Encrypted backups
Access Controls
- Role-based permissions
- Single Sign-On (SSO)
- Multi-factor authentication
- Session management
Compliance
We maintain compliance with:
- GDPR - EU data protection
- CCPA - California privacy
- SOC 2 - Security controls
- ISO 27001 - Information security
- HIPAA - Healthcare data (Enterprise)
Data Retention
| Data Type | Retention Period | |-----------|-----------------| | Account data | Duration of account | | Activity logs | 90 days | | Backups | 30 days | | Deleted data | 30 days (recoverable) |
Your Rights
- Access your data
- Export your data
- Delete your account
- Opt-out of marketing
Contact privacy@acmecorp.io for requests.