We are very vigilant to ensure we don't hold onto any personal data we don't need to keep.

Here is a fact list that may help to address this:

• Our cloud servers are hosted on DigitalOcean, who have done a lot of work to ensure all their hardware drives are properly encrypted as standard. We host our databases on encrypted and standards-compliant Aurora RDS instances with AWS
• Email addresses of your leads must touch our servers so we can provide our primary service to our customers, but we do not store them in our database , and discard them as soon as reasonably possible. A hashed version is stored, generated using a one-way 128-bit hashing function
• We operate a strict rotating password policy on all our servers, running our own encryption procedures on drives where possible, and insist on using compliant service providers where possible
• We do store first names and the first letter of the second name where available, but only when this information has been made publicly available by the individual, and only for the use of our primary product
• The above feature may be completely disabled by users within our application, so names are not shown at all on our notifications
• We do store a rough physical location of the lead where available, so we can provide our primary service to our customers, but we do not store the raw IP address

Contact: gdpr@uptible.com

Last updated: Mon, 20 Apr 2020 16:32:33 +0000.