Data retention policy
Purpose
This policy outlines the requirements and controls/procedures Kadence has implemented to manage the deletion of customer data.
Policy
Customer data is retained for as long as the account is in active status. Data enters an âexpiredâ state when the account is voluntarily closed. Expired account data will be retained for 30 days. After this period, the account and related data will be removed. Customers that wish to voluntarily close their account should download their data manually prior to closing their account.
If a customer account is involuntarily suspended, then there is a 14 day grace period during which the account will be inaccessible but can be reopened if the customer meets their payment obligations and resolves any terms of service violations.
If a customer wishes to manually backup their data in a suspended account, then they must ensure that their account is brought back to good standing so that the user interface will be available for their use. After 30 days, the suspended account will be closed and the data will enter the âexpiredâ state. It will be permanently removed 30 days thereafter (except when required by law to retain).
Data archiving and removal policy
Purpose
This policy outlines the requirements and controls/procedures Kadence has implemented to manage the deletion of customer data.
Policy
Customer data is retained for as long as the account is in active status. Data enters an âexpiredâ state when the account is voluntarily closed. Expired account data will be retained for 30 days. After this period, the account and related data will be removed. Customers that wish to voluntarily close their account should download their data manually prior to closing their account.
If a customer account is involuntarily suspended, then there is a 14 day grace period during which the account will be inaccessible but can be reopened if the customer meets their payment obligations and resolves any terms of service violations.
If a customer wishes to manually backup their data in a suspended account, then they must ensure that their account is brought back to good standing so that the user interface will be available for their use. After 30 days, the suspended account will be closed and the data will enter the âexpiredâ state. It will be permanently removed 30 days thereafter (except when required by law to retain).
Data storage policy
Data Protection Policy
Background
Kadence takes the confidentiality and integrity of its customer data very seriously and strives to assure data is protected from unauthorized access and is available when needed.
Purpose
This policy outlines many of the procedures and technical controls in support of data protection.
Scope
Production systems that create, receive, store, or transmit Kadence customer data (hereafter "Production Systems") must follow the requirements and guidelines described in this policy.
Policy
Kadence policy requires that:
- Data must be handled and protected according to its classification requirements and following approved encryption standards, if applicable.
- Whenever possible, store data of the same classification in a given data repository and avoid mixing sensitive and non-sensitive data in the same repository. Security controls, including authentication, authorization, data encryption, and auditing, should be applied according
to the highest classification of data in a given repository.
- Employees shall not have direct administrative access to production data during normal business operations. Exceptions include emergency operations such as forensic analysis and manual disaster recovery.
- All Production Systems must disable services that are not required to achieve the business purpose or function of the system.
- All access to Production Systems must be logged.
- All Production Systems must have security monitoring enabled, including activity and file integrity monitoring, vulnerability scanning, and/or malware detection, as applicable.
Data Protection Implementation and Processes
Customer Data Protection
Kadence hosts on Amazon Web Services in the EU region by default. Data is replicated across multiple availability zones within the same region for redundancy and disaster recovery.
All Kadence employees adhere to the following processes to reduce the risk of compromising Production Data:
1. Implement and/or review controls designed to protect Production Data from improper alteration or destruction.
2. Ensure that confidential data is stored in a manner that supports user access logs and automated monitoring for potential security
incidents.
3. Ensure Kadence Customer Production Data is segmented and only accessible to Customer authorized to access data.
4. All Production Data at rest is stored on encrypted volumes using encryption keys managed by AWS.
5. Volume encryption keys and machines that generate volume encryption keys are protected from unauthorized access. Volume encryption
key material is protected with access controls such that the key material is only accessible by privileged accounts.
Access
Kadence employee access to production is guarded by an approval process and by default is disabled. When access is approved, temporary
access is granted that allows access to production. Production access is reviewed by the security team on a case by case basis.
Separation
Customer data is logically separated at the database/datastore level using a unique identifier for the customer. The separation is enforced at the API layer where the client must authenticate with a chosen account and then the customer unique identifier is included in the access token and used by the API to restrict access to data to the account. All database/datastore queries then include the account identifier.
Monitoring
Kadence uses AWS CloudWatch/CloudTrail to monitor the entire cloud service operation. If a system failure and alarm is triggered, key personnel are notified by text, chat, and/or email message in order to take appropriate corrective action.
Protecting Data At Rest
Encryption of Data at Rest
All databases, data stores, and file systems are encrypted according to Kadenceâs Encryption Policy.
Protecting Data In Transit
All external data transmission is encrypted end-to-end using encryption keys managed by K
Data center location(s)
Ireland
App/service has sub-processors
yes
Guidelines for sub-processors