Customer-centric data such as user emails, IP addresses, domain names, usernames and passwords of URLs being monitored, third-party service keys, and webhook URLs are encrypted by default.
Data portability is one of the most important right offered to a data subject. At Site24x7, we allow secure porting of customer data, even when transferring monitoring data from our US data centers to EU data centers, and vice versa. After logging into the account, a user with sufficient privileges can securely export a list of account users along with other monitoring data to a CSV.
Site24x7 processes personal data on behalf of a data controller, which means it falls into the category of data processors. For example, Site24x7 processes personal data for its customers in the course of providing uptime and performance monitoring of IT resources. Data processors are mandated to protect the stored personal data of customers. Site24x7 takes care of the following aspects concerning customer data:
- Email and phone number confirmation: Any Site24x7 user will start receiving email, SMS, or voice-based alerts and reports, only after they successfully verify their email or phone number.
- Opt out from email and phone alerts: Users can report abuse or opt out of emails concerning monitor status alerts, monitor configurations, and performance reports by accessing the unsubscribe link at the footer of these emails. Additionally, users can click the opt-out link provided in the verification SMS to unsubscribe from all SMS and voice-based alerts.
Site24x7 is committed to GDPR readiness.
Site24x7 is well aware of the GDPR and its implications both for us and our customers. Here are some key highlights of Site24x7 that are specific to the GDPR:
Right to access.
Any time personal data is accessed (including read and write operations), it's thoroughly audited on our end.
Right to rectify.
Customers with requisite user permissions can manually log in to Site24x7's web client using their valid credentials and correct their inaccurate or incomplete personal data. Additionally, they can update any personal data using our documented RESTful APIs.
Right to erasure.
Once a user initiates termination of their Site24x7 account, Site24x7 will retain all this user's data for 30 days before erasing it completely.
Right to data portability.
Users can request Site24x7 to securely migrate their data from our data centers in the US to the ones in the EU, and vice versa, without affecting the usability of that data. Users can also securely log in to their account and export both the sub-users list, the monitor meta data and the reporting data in CSV format. The sub-users list includes information on data subjects and the monitors list includes information on monitored networks and resources.