Dataclay is committed to achieving and maintaining the trust of our customers. Integral to this mission is providing a robust security and privacy program that carefully considers data protection matters including protection of Customer Data as defined in Dataclay’s QUE Terms of Service.
This documentation describes the architecture of, the security- and privacy-related audits and certifications received for, and the administrative, technical, and physical controls applicable to, the services provided by Dataclay that are branded as QUE (“QUE Services”).
The QUE Services are operated in a multitenant architecture that is designed to segregate and restrict Customer Data access based on business needs. The architecture provides an effective logical data separation for different customers and allows the use of customer and user role-based access privileges. Additional data segregation is ensured by providing separate environments for different functions, especially for testing and production.
Dataclay has implemented procedures designed to ensure that Customer Data is processed only as instructed by the customer, throughout the entire chain of processing activities by Dataclay and its sub-processors. In particular, Dataclay has entered into written agreements with its sub-processors containing privacy, data protection and data security obligations that provide a level of protection appropriate to their processing activities. Compliance with such obligations as well as the technical and organizational data security measures implemented by Dataclay. The “Infrastructure and Sub-processors” documentation attached hereto describes the sub-processors material to Dataclay’s provision of the QUE Services.
Dataclay’s policies for information security will be documented by Dataclay, approved by Dataclay’s management, published and communicated to Dataclay’s personnel. The QUE Services uses infrastructure provided by Amazon Web Services, Inc. (“AWS”) to host or process Customer Data. Information about security and privacy-related audits and certifications received by AWS, including ISO 27001 certification and SOC reports, is available from the AWS Security website and the AWS Compliance website.
Dataclay may track and analyze the usage of the QUE Services for purposes of security and helping Dataclay improve both the QUE Services and the user experience in using the QUE Services. For example, we may use this information to understand and analyze trends or track which of our features are used most often to improve product functionality. Dataclay may share anonymous usage data with Dataclay’s service providers for the purpose of helping Dataclay in such tracking, analysis, and improvements. Additionally, Dataclay may share such anonymous usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.