資料保留政策
Gong employs data protection and privacy by design, combining enterprise-grade security features with comprehensive audits of our policies, applications, systems, and networks. Our certifications include SOC 2 Type II, ISO 27001, and EU/Swiss-US Privacy Shield, to name a few. Gong Customers may configure a data retention duration (3 years by default), and Customer data is purged from Gong systems subsequent to contract termination.
資料封存與移除政策
Gong Customers may configure a data retention duration (3 years by default), and Customer data is purged from Gong systems subsequent to contract termination.
資料儲存政策
All customer data (including call recordings and transcripts) is encrypted at rest and in transit. System passwords are encrypted using AWS KMS with restricted access to specific production systems. Stored data is encrypted on a disk using a 256-bit AES cipher. We use industry-standard PostgreSQL, Elastic Search and Mongo DB data storage systems hosted at AWS and/or by the respective vendors.
Data access and authorizations are provided on a need-to-know basis, and based on the principle of least privilege. Access to the AWS production system is restricted to authorized personnel, and is carried out using VPN with Active Directory authentication.