Data Retention Policy

Web Service Call Data

How web service data may be retained falls into two categories:
1. Billing and Client Reporting Purposes (mandatory)
2. Support Debug Purposes (optional)

Billing and Client Reporting Purposes

We collect the following data and store it for a period of 90 days at the individual transaction level.

• Account id of caller
• Time of call
• Service name
• IP address of caller
• Encryption protocol used
• Response time
• Input flags
• Result codes

We aggregate this data to hourly statistics and store the aggregated data in perpetuity for billing and client reporting purposes.

Support Debug Data

Support debug logging is turned on by default for the transaction data we store for 90 days.  This allows us to view the content of an API call and the response that was sent back when contacted by a client in order to better investigate issues that the client is having with our service.   To turn off support debug then call our endpoint with -nolog (see Endpoint here).   Please note that this prevents the servers, load balancers, etc. from logging optional information, so it won't exist in any log, ever - not even for a nano-second.  We will only log the mandatory billing and client reporting codes.  It is important to note that when a customer opts out of Support Debug then we will only have access to the information tracked for billing purposes.  We will not know what information you sent inside your request, or what was in the response.

Physical Infrastructure

We run our solutions in multi-availability zones in Dublin, Ireland hosted by AWS. We have a failover facility in AWS Frankfurt, but we only failover to this facility if a catastrophic event occurs in AWS Dublin that affects multiple availability zones. No configuration is required by the client to handle switching to or from our failover facility. The Autoaddress API resolves to a couple of static IP addresses and traffic will be routed to the correct location through those IPs automatically.