Data Storage and Encryption
Event Hub stores all its data in Postess Databases.
These databases are stored on AWS servers in geographic locations as set at build time. Australian companies are set on Australian servers.
Data is backed up hourly and daily.
Point-in-time recovery is activated as is replication of DB across X2 Sydney Data
warehouses and a replicated DB for BI reporting.
Data is encrypted at rest and in Transit.
On-time key rotation is managed by AWS Security Hub.
Encryption is initially started the second you visit any of Event Hub's services
through your web browser - we use the Transport Layer Security (TLS) v1.2
standard for all web apps for unparalleled speed and security.
Any information you enter is transmitted in an encrypted format to all of our
backend services.
Any data saved into our platform is stored and encrypted using the strong
AES-256 standard at rest.
PII Data Removal after Service Completion
PII data is stored in one table and is First name, Last name , email & company title. (Mobile phone at Tennant's option)
We do not store address data.
Hard Data deletion (removed from the database by our team) is performed a maximum of 48 hours after a direct customer request. This action overwrites backups.
Immediate self-service deletion of all tenant data is planned for Q4 23.
Systematic Deletion after Non-use
Hard Data deletion (removed from the database by our team) is triggered 60 Days after the expiry of service triggered by non-use. 2 warning emails will be sent to the application owner prior to deletion
Other PII Data repositories
Our BI stack consumes minimal PII data. Where PII is included the fields are only accessible to the BI owner only. All analysis is provided as aggregated or name only. No data is stored on the BI stack and all data is called on demand.
The only files loaded to the event hub are CSV guest lists and CSS content images.
CSV lists are stripped by a lambda function and injected into our DB. CSV file loads are cleaned and removed every 7 days.
Data Storage Locations
All data is stored on local AWS systems relevant to your customer location. All Australian company's data is stored in AWS Sydney data centers.
User Logging
Event Hub uses the following tools to monitor security controls and activity.
AWS Cloud Watch
AWS Guard duty
AWS Security Hub
AWS Inspector
AWS IAM
Intruder.io
User activity is fully logged at the database level via cloud trail events. Anomaiy actions are flagged by Guard Duty and Inspector and automatically shared to the Event Hub Slack channel.
User activity in-app and available for tenants logs user login and reset.
โ
All PII data export is restricted to the application owner - only.