MenuToggle Menu

Data Transit, Storage & Backup

This page provides information about our data transit, storage, and backup protocols for ProtoPie Enterprise Cloud environments, including data storage, data in transit and at rest protection, data retention and erasure, and data loss prevention.

Data Storage, Backup & Export

ProtoPie Enterprise Cloud users are provided with a dedicated and private cloud environment. Their data and networks are completely isolated from other users of our solution, ensuring the highest level of confidentiality and control.

We utilize PSQL for data storage. This robust database management system allows us to securely store data while maintaining its accessibility and performance.

Data is stored in the geographical location chosen by the client, which includes the United States, Europe, and Asia as options.

As an additional layer of data protection, we employ the AWS backup system. This comprehensive solution enables us to perform full image backups, including the operating system (OS), system files, and data. We closely monitor the backup server capacity and backup execution status on a daily basis. Additionally, an alert notification is automatically delivered when disk capacity exceeds 80%.

To ensure the effectiveness of our data restoration processes, we conduct regular restore tests. These tests are performed once a year to validate that our backup systems are functioning correctly and that data can be successfully recovered in the event of a disaster or system failure.

We do not gather or generate metadata related to how your data is utilized through inspection technologies like search engines or similar tools. Your data remains confidential and solely under your control throughout your usage of our platform.

Data In Transit

To ensure the secure transmission of data over the internet, we employ robust security measures such as TLS 1.2 and HTTPS encryption protocols. These industry-standard protocols guarantee end-to-end protection for your data during transit.

As ProtoPie Enterprise Cloud is hosted on AWS, we rely on the advanced data protection capabilities of AWS Backup. All AWS backups are encrypted using a unique and dedicated KMS key associated with the backup vault.

Learn more about how AWS KMS safeguards data.

Data At Rest

At rest, data on EC2 instances is secured using AWS encryption solutions. This involves the implementation of AES-256 encryption, an industry-standard encryption algorithm known for its reliability.

The encryption process takes place at the disk level within EC2 instances. AWS generates a Customer Management Key (CMK) on behalf of our company. This encryption process is fully managed and owned by AWS, ensuring the highest level of security. Access to the encryption keys is restricted to system administrators only.

AWS KMS keys can be configured to expire every 1 or 3 years, and cannot be immediately deleted. There is a mandatory wait period of 7 to 30 days before deletion. Additionally, all customer-managed KMS keys, regardless of whether the key material was imported, can be manually disabled or scheduled for deletion.

Learn more about how AWS safeguards data.

Data Retention & Erasure

We retain the following data:

  1. Email address and name for creating a member ID
  2. Text and image assets used to create prototypes

There is no specific retention period, and all information is kept until the customer terminates their contract.

Our data retention and erasure procedures comply with ISO27001 & 27701, as well as other certificates we have obtained.
Customers' EC2 instances are permanently deleted within 2 weeks after contract termination.

Data is erased as follows: when an object is deleted from Amazon S3, removal of the mapping from the public name to the object starts immediately, and is generally processed across the distributed system within several seconds. Once the mapping is removed, there is no external access to the deleted object.

Data Loss Prevention

Our data loss prevention systems are not hosted within AWS. Instead, at Studio XID, we rely on the features of Google DLP within our Google Workspace (Business Plus) environment. This includes preventing data leakage from internal users.

Google DLP effectively blocks the unauthorized sharing or downloading of data through Google Drive to external sources. Whenever such activity is detected, an immediate alert is triggered and promptly delivered to our dedicated security manager. Additionally, we extend the same level of monitoring and protection to email communications that involve attachments.

Back To Top