Encryption
To ensure that only authorized access to your data is possible it is encrypted using Transport Layer Security (at least TLS 1.2) when transmitted and encrypted using AES encryption (AES-256) when stored.
Logical separation of data
Our system is designed to be multi tenant. We use PostgreSQL row-level security and CloudFront based authorization to ensure separation of data.
Backups
We perform full backups daily of all our customer's data. These backups are stored on separate infrastructure in encrypted form for 30 days.
The backup process is closely monitored and tested on a regular basis.
Data retention policy
When deleting data in Condens (such as projects, participants, files etc.) they are first marked for deletion for 30 days. During this time they can easily be restored. After that, they will be deleted. However, they are still restorable for another 30 days from our daily backups. So it is a total of 60 days from deleting something in Condens until it is irrevocably deleted.
We also offer a custom data retention period with our Enterprise plan to automatically delete recordings for easy data privacy compliance.