Purpose: This article explains how Sendcloud stores, encrypts and transmits data.
Data Storage
All data Sendcloud collects is stored in Frankfurt, Europe. Our systems are hosted by Amazon Web Services, within the eu-central-1 region. Our application servers and databases run within its own virtual private network and not accessible directly from the outside world. No data in our systems is stored longer than 365 days.
Please note: Amazon Marketplace
As of January 1 2020 Amazon is changing their data protection policy. Currently the data for fulfilled orders (PPI) is stored for a period of 1 year. As of this date we will retain PII for no longer than 30 days after order delivery and only for the purpose of, and as long as is necessary to fulfill orders (no longer than 30 days after order shipment), or to, (ii) calculate/ and remit taxes, and (iii) produce tax invoices. If we are required by law to retain archival copies of PII for tax or similar regulatory purposes, PII must be stored as a "cold" or offline encrypted backup (e.g., not available for immediate or interactive use) backup stored in a physically secure facility).
Data Encryption
The databases of Sendcloud are encrypted at rest using the industry standard AES-256 encryption algorithm. Also database snapshots and backups are encrypted. Encryption keys are securely stored and rotated. In-transit data between our application servers and databases is encrypted using SSL. Data being communicated via our messaging queus is encrypted via symmetric encryption.
Data Transmission
Web traffic communication between your browser, shop and carriers encrypted if possible. We programmatically prefer encrypted traffic over unencrypted.
Outgoing internet traffic from our application servers is routed through an internet gateway. This way no application server makes a direct connection with the internet. For outgoing connections, we automatically prioritise encrypted over unencrypted connections.