Règle de conservation des données
Gong employs data protection and privacy by design, combining enterprise-grade security features with comprehensive audits of our policies, applications, systems, and networks. Our certifications include SOC 2 Type II, ISO 27001, and EU/Swiss-US Privacy Shield, to name a few. Gong Customers may configure a data retention duration (3 years by default), and Customer data is purged from Gong systems subsequent to contract termination.
Règles d’archivage et de suppression des données
Gong Customers may configure a data retention duration (3 years by default), and Customer data is purged from Gong systems subsequent to contract termination.
Règle de stockage des données
All customer data (including call recordings and transcripts) is encrypted at rest and in transit. System passwords are encrypted using AWS KMS with restricted access to specific production systems. Stored data is encrypted on a disk using a 256-bit AES cipher. We use industry-standard PostgreSQL, Elastic Search and Mongo DB data storage systems hosted at AWS and/or by the respective vendors.
Data access and authorizations are provided on a need-to-know basis, and based on the principle of least privilege. Access to the AWS production system is restricted to authorized personnel, and is carried out using VPN with Active Directory authentication.
Site(s) de centre de données
États-Unis
Détails sur l’hébergement des données
Cloud hosted
Société chargée de l’hébergement des données
AWS
L’application/le service a des sous-processeurs
no