Overview of Evocon’s data protection policy. We take the security of your manufacturing data very seriously.
Data protection model
The model for data storage of tenant data is database level separation. All tenants have their own separate database where Evocon stores their information to. The general data needed for running Evocon services uses a shared model.
All sensitive data as stated by law (personal id numbers, social security numbers etc) is stored encrypted to ensure data protection. However, as of 2020 Evocon does not store any information that would categorise as personal.
Employee access to client data
Under normal circumstances, Evocon employees have no access to client data. Two potential situations trigger granting Evocon employees access to client data:
- If Evocon discovers an issue or a malfunction then Evocon contacts the client to ask a permission prior to handling the issue.
- If the client sends Evocon service a request, then Evocon considers this also as a temporary permission to access client data until we resolve the problem.
Data backup policy
We back up and replicate tenant databases daily. The retention period is 7 days. Evocon is not using any external support for backups. We replicate backup data between different availability zones. Only Evocon administrators have access to relevant servers.
Data handling after contract termination
Evocon adminstrators delete the databases and backups according to procedures in 7 days upon tenant contract termination.