At our company, we take the security and privacy of our customers' data very seriously. We understand that our customers trust us with their valuable data and we are committed to keeping it safe. In this article, we will provide you with information about the locations of our servers that host customer data, our backup procedures, physical security measures, firewalls, encryption, employee access to customer data, third-party penetration testing/audits, and our policies and procedures regarding data protection infrastructure.

Videos of US projects are hosted on servers located in Ashburn (Virginia), while videos of European projects are hosted on servers located in Amsterdam (Netherlands). Our customers with US or EU accounts have the option to select where to store their videos between Ashburn and Amsterdam for each project. This allows our customers to have control over where their data is stored.

We understand the importance of having backups in case of any unforeseen events. That is why we have implemented a robust backup system for our customers' data. Videos are stored on object storage and replicated on a daily basis to a second provider. Additionally, other data is stored in a database which is backed up daily with WAL continuous backup. These backups are stored on object storage of a different cloud provider, ensuring redundancy and security.

We use three different cloud providers for different usages. All of these providers are ISO27001 certified and have physical security measures in place to protect their data centers. Our providers include GCore, Scaleway, and Oracle Cloud Infrastructure.
​

We take the security of our network very seriously. We have implemented platform-wide security rules to filter incoming traffic and also use iptables on our servers to only allow necessary traffic. This ensures that our network is protected from any unauthorized access.

We understand the importance of encrypting data in transit to protect it from any potential threats. That is why we use TLS 1.2 and 1.3 encryption to protect data in transit. This ensures that our customers' data is safe and secure while being transferred over the internet.

We have strict policies and procedures in place to regulate and restrict employee access to customer data. Customer data can only be accessed through HTTPS over VPN for the managing application and SSH connections on servers. Only employees who need to use one of these methods are granted access. Additionally, our management application logs provide employee ID correlation with actions. This means that every interaction on data accessed or modified, as well as modifications to the account, are logged for 60 days. This allows us to track any changes made to customer data and ensure its security.

We understand the importance of regularly testing and auditing our security and privacy program. That is why we perform an audit once a year by an independent third party. This ensures that our systems and procedures are up to date and secure.

As part of our commitment to protecting our customers' data, we have a Data Management Policy in place. This policy classifies data into three categories: Public, Restricted, and Highly Restricted. Each classification requires different access, management, and governance procedures. This ensures that our customers' data is handled with the utmost care and security.

We hope this article has provided you with a better understanding of our company's security and privacy measures. If you have any further questions or concerns, please do not hesitate to reach out to our customer support team.