Data retention policy
While a customer is actively using atSpoke, account data is routinely retained for the term of the services agreement. Retention is necessary to provide the service, reporting analytics, auditing change within the account, and to improve end-user experience. Upon customer separation, all customer data is destroyed pursuant to contractual obligations set out in the services agreement unless doing so violates legal obligations.
Data archiving and removal policy
Data removal is subject to change control in accordance with atSpoke’s Retention Schedule. Our information security policies and procedures outline approved methods for data destruction.
Data storage policy
Sensitive data is stored in databases with full volume encryption to protect data at rest. Logical volumes are encrypted on virtual servers with AES-256 bit encryption and server side encryption is also applied to cloud-based storage buckets.
Data center location(s)
United States
Data hosting details
Data is hosted in cloud-based data centers.
App/service has sub-processors
yes
Guidelines for sub-processors