The data stored in Safelink's
relational databases are replicated to at least two physical data centres,
to handle the possibility of network or server failure affecting a single data centre.
Backups are taken using a combination of database snapshots (where available,
such as in our AWS-backed regions), and SQL exports (in all regions).
Backups are taken twice daily allowing a 12 hour Recovery Point Objective (RPO).
Unless your contract specifies otherwise, we retain incremental backups
(at reduced frequency) for 90 days, beyond which time any documents or
other data that were deleted are purged and will not be recoverable.
The contents of files (eg. uploaded documents) are stored separately in
highly scalable, highly available object stores. For our AWS-backed regions,
this means S3. In all cases, an equivalent of at least three copies of each
file are retained in at least two separate data centres. Lifecycle rules
enable objects to be recoverable post-deletion for 90 days, beyond which
time any documents or other data that were deleted are purged and will not
be recoverable.
In cases where we assess a non-negligible risk of data loss due to the
intrastructure provider, perhaps due to their size or storage architecture,
we replicate files and database backups, in encrypted form, to a separate provider
within the same jurisdiction.
All data that is potentially of a sensitive nature in Safelink is
encrypted before it is stored to any of our databases or the object store.
The backups we take are backups of the encrypted data, so the same
protections apply to our backup as they do to our live system.
Users can take their own ad-hoc backups of documents in Safelink
by bulk-downloading them as a zip file. User-accessible export routines
are available for most types of data that you can store in Safelink.
We recommend that you consider this policy in the context of your
own backup and data retention requirements, and also take account of
the way in which you use or intend to use Safelink.
Incorporating offline backups or synchronisation with other systems
into your strategy may be appropriate to meet minimum data retention
guidelines or to protect against deletion or modification of data
that goes unnoticed for longer than the standard 90 day backup window.
Changes to this Policy
We may update our Backup and Data Retention Policy from time to time. We will notify you of any changes by posting the new policy on this page.
You are advised to review this Backup and Data Retention Policy periodically for any changes. Changes to this Backup and Data Retention Policy are effective when they are posted on this page.
If we make any material changes to this Backup and Data Retention Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.