Data retention policy
The following Customer's Personal Data is collected, processed, and used by GlockApps when a customer creates a personal account with the service: IP address, browser type, operating system, “cookie” information, page URL, login date and time, first name, last name, and email address.
The customer's Personal Data is stored on a secure AWS server in the US East (N. Virginia) region. A password policy is implemented for the customers' accounts. Customers who interact with the service via the user interface must authenticate before accessing non-public customer data. The authorization model ensures that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user's permissions against the attributes associated with each data set.
A subset of GlockApps employees have access to customers' personal data via controlled interfaces. The intent of providing access to a subset of employees is to provide effective customer support, to troubleshoot potential problems, to detect and respond to security incidents, and implement data security.
Data archiving and removal policy
Personal customers' accounts are never removed without a prior customer's request received explicitly via email or chat with a representative of GlockApps. After the subscription cancelation or expiration, a paid customer's account is converted into a free account with limited features and data access.
The data received by a customer during the service usage is removed from the customer's personal account after the fixed number of days:
- the reports of email tests are removed 12 months after the date of the test triggering;
- DMARC Analytics data is removed in 90 days after being received by GlockApps;
- XML files of DMARC reports are removed 30 days after being received by GlockApps;
- the message headers and IP address reputation history are removed in 30 d
Data storage policy
Customer Data such as personal customers' accounts, spam test reports, message headers, and DMARC reports are stored on a secure AWS server in the US East (N. Virginia) region. The reports of spam tests are stored for 12 months after the date of the test triggering. The message headers are stored for 30 days after the date of the test triggering. The IP address reputation history in the IP Reputation Monitor is stored for 30 days. DMARC reports are stored for 90 days and XML files of DMARC reports received from ISP – for 30 days.
Data center location(s)
United States
App/service has sub-processors
no