Security

All of Odown’s Data is hosted in Industry-leading, state-of-the-art modern data centers, watched by a team 24/7.

Our customers' data are hosted in leading edge and secure data centres, benefitting from some of the strongest information security standards in the industry.

Odown Data Centres

Odown uses high-security, outsourced data centers provided by Supabase. Hosting facilities have very high levels of physical security in all jurisdictions. The redundancy within the infrastructure secures customers' data through efficient disaster recovery processes.

Data Center Locations

All data is hosted in the European Union, within a Supabase data center in Ireland, West EU. Only ping data can be kept within the region from where the user created the check.

Data Encryption

We introduce the following data encryption at-rest with End-to-End, while HTTPS is applied for all network requests. Data at rest encryption: LUKS, in transit at the database level by SSL.

Redundancy

The clusters are fully backed up daily with the retention of the write-ahead logs to allow restoration to any instance in time in the last seven days.

Databases with a standby node will automatically fail over data handling to the standby node at the time of an outage to avoid unplanned downtime.

Data Retention Policy

Odown retains account data for at least the duration the users require.

Customer accounts and all their data are deleted after being requested.

Data Stored at Odown

Data at Odown is stored only when required to deliver its services. Nothing is tracked about users' activities. Data gets logged in monitoring dashboards between our backend and the databases.

Regarding account data, Odown is processing the following information about the user: user's name and email address.

The Credit Card Data and Billing Info is stored exclusively by our payments provider, Stripe.

Ping Servers

Users can select from where their monitors are pinged. We love redundancy, so we're using several cloud-based servers from different hosting providers like Supabase, Amazon Web Services, Vultr, and Scaleway.

Certifications

While following the security and data protection industry best practices, Odown itself isn't certified as of this time. Our infrastructure providers Supabase and AWS maintain a lot of certifications such as but not limited to PCI, HIPAA, ISO, SOC 2 Type II compliance.

GDPR

The General Data Protection Regulation sets a new standard for organizational management of personal information belonging to EU residents. Odown is committed to supporting the GDPR and to helping customers fulfill the obligations set out in the regulation for all jurisdictions in which their organizations operate. Our trust portal can be found here http://gdpr.odown.com/.

Right to be forgotten:

If a customer or user asks you to delete his information (email, phone number, Slack webhook) from your status page, you can do that directly in your dashboard. The data of a customer will be completely removed from the application and from our databases.

It is allowed to remove monitors or status pages.

You may also, at any moment, delete any monitor or status page from within our dashboard if you desire; this will destroy all data relating to it from our databases instantly.

Can Odown help my company request information about their data?

Odown is a data processor within the meaning provided by the General Data Protection Regulation (GDPR) in the context of its relation to your company. As such, Odown will support you in answering, as a data controller, individual requests. For that purpose, the Odown platform features specific functionalities that will make this process easy to handle. Besides this, the Odown team will be at your company's disposal to answer such demands.

Security Vulnerability Reporting

We take the security of the data we are entrusted with and continuity of the services to our customers seriously. If you think there may be a possible vulnerability that might remain unknown to us - we welcome notification. In return, we will work with you to establish what happened, and to rectify the problem. All issues intended to be brought into our attention shall be reported on support@odown.io, and we will get in touch.