Maintaining customer trust is an ongoing commitment, we strive to inform customers of the privacy and data security policies, practices and technologies we've put in place. These commitments include:
Access: We do not access or use customer content for any purpose other than as legally required and for maintaining our services and providing them to our customers and their end users.
Storage: Customers can choose the region(s) in which their customer content will be stored. We will not move or replicate customer content outside of the customer’s chosen region(s), except as legally required and as necessary to maintain the services and provide them to our customers and their end users.
Security: We offer our customers strong encryption for customer content in transit or at rest, and we provide customers with the option to manage their own encryption keys.
Disclosure of customer content: We do not disclose customer content unless we’re required to do so to comply with the law or a valid and binding order of a governmental or regulatory body. Unless prohibited from doing so or there is clear indication of illegal conduct in connection with the use of our services, Sendz notifies customers before disclosing customer content so they can seek protection from disclosure.
Customer data is classified into two categories: customer content and account information.
We define customer content as data, text, or images that a customer or any end user transfers to us for processing, storage or hosting by our services in connection with that customer's account and any computational results that a customer or any end user derives from the foregoing through their use of our services. For example, customer content includes images that a customer or any end user uploaded to our services. Customer Content does not include account information, which we describe below. The terms of any agreement with us governing the use of our services apply to your customer content.
Customer content ownership
Customers maintain ownership of their customer content. We do not access or use customer content for any purpose other than as legally required and for maintaining our services and providing them to our customers and their end users. We never use customer content or derive information from it for marketing or advertising.
Third-party cloud services provider
Our services are structured on top of the secure and well-established Amazon Web Services (AWS) cloud solutions. We do not run a custom data center, avoiding hundreds of performance, availability and security threads which have been settled down by AWS with their years of presence in the market.
Customer content storage location
Customers can choose the region(s) in which their customer content will be stored, in accordance with their specific geographic requirements. Sendz services are built on top of clusters available in various regions around the globe.
Customer's role in securing their customer content
When evaluating the security of a cloud solution, it is important for customers to understand and distinguish between:
Security measures that we implement and operate - "security of the cloud"
Security measures that customers implement and operate, related to the security of their customer content and applications that make use of our services - "security in the cloud"
Sendz is responsible for securing the cloud infrastructure, including computation, storage, databases and networks.
The customer is responsible for securing their customer data, their platforms, applications, identity and access management, their operating systems, networks and firewalls, the data-on-wire encryption and data integrity.
Compliance with AU law
We base our services on AWS solutions, which has already obtained approval from AU data protection authorities, of the AWS Data Processing Addendum and Model Clauses to enable transfer of data outside AU, including to the U.S. With their AU-approved Data Processing Addendum and Model Clauses, Sendz customers can run their global operations using Sendz services in full compliance with EU law. The AWS Data Processing Addendum is available to all Sendz customers that are processing personal data whether they are established in AU or a global company operating in the AU Economic Area