Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties

Version

1.01

Owner

Head of EngineeringCTO

Last Updated on

Last Updated by

Bruno Belizario

Approved by

Sean Oldfield

Last Review

Subscribe to an RSS feed to be notified when we update Data Management Policy (note: you will need to cut and paste the "Subscribe to an RSS feed" URL into an RSS Feed Reader to monitor updates).

Purpose

To ensure that information is classified, protected, retained, and securely disposed of in accordance with its importance to the organization.

...

  • Internal policies

  • Legal documents

  • Meeting minutes and internal presentations

  • Contracts

  • Internal reports

  • RocketChat Google messages

  • EmailĀ 

Public

Documents intended for public consumption can be freely distributed outside ecoPortal. Examples include:

...

ecoPortal will measure and verify compliance to this policy through various methods, including but not limited to, ; business tool reports, and both internal and external audits.

...

Appendix A - Data Retention Matrix

System or Application

Data Description

Retention Period

ecoPortal SaaS Products (AWS)

Customer Data

Up to 60 days after contract termination

ecoPortal AutoSupport

Customer instance and metadata, debugging data

Indefinite

ecoPortal Customer Support Tickets (HubSpot)

Support Tickets and Cases

Indefinite

ecoPortal Security Event Data (GuardDuty, Inspector and CloudWatch)

Security and system event and log data, network data flow logs

AWS Instance - 1 year

ecoPortal Vulnerability Scan Data (GuardDuty and Inspector)

Vulnerability scan results and detection data

6 months

Security Policies

Security Policies

1 year after archive

Temporary Files

AWS /tmp ephemeral storage

automatically deleted when process finishes