GoTo Customer Support Embark: GoTo Admin Training Embark: GoTo User Training Provide Feedback

Data Residency and Retention

 

What is Data Residency and Why is it Important?

 

Data residency refers to where data is physically or geographically stored. Data residency is a common topic in various local or industry level regulations. For example, The US HIPAA health data law and the international PCI-DSS payment card regulation both set policies around data residency, along with the General Data Protection Regulation (GDPR). 

 

As organizations become increasingly cloud based, it becomes harder to understand where your data is being stored.  

 

Data Residency in Rescue 

 

Rescue utilizes geographically distributed data centers worldwide to provide low latency, highly performant services, as well as data segregation. 

 

Depending on your organization’s regulations, you can choose whether to store your Customer Content in the US or in Europe, upon account creation. Data stored in a selected geographic region applies to various data types: session data, uploaded files, stored credentials and chat history. There is no storage connection between our EU-based and USA-based data centers. 

 

 

Did you know?: In the US, 66% of consumers advocate for GDPR-like privacy laws. 

What is Data Retention and why is it Important? 

 

While not storing data is the safest way to protect it from being exposed, sometimes you don’t have that option. For example, there may be specific laws or industry regulations that require you to hold on to specific data, or you might need to have it accessible for eDiscovery or litigation purposes. In these cases, your organization should have policies in place around data retention. These include strategies on which data to retain, how to maintain it, and for how long.  

 

Similar to best practices around which data to maintain, the best practice for how long to maintain data is to only hold onto it for as long is necessary or useful. That said, each organization may have specific requirements or regulations around data retention periods, so it’s important to check with your GRC leader.  

 

Data Retention in Rescue 

 

By default, Rescue stores data such as chat logs for at least two years for access via self-serve, and an additional two on request.  Rescue Customer Content is encrypted at rest at both the server and database levels with AES256 and TDE. You can read more about how Rescue protects your data in Rescue's Technical and Organizational Measures document.

 

If you no longer want to store chat logs in Rescue, you can delete them in the admin center.  Chat logs are deleted 24 hours from the moment they are queued for deletion.  

Tip: If you change your mind, you can revoke any deletion within 24 hours by clicking this icon  in the Delete column. 

You can also choose to export  session data and send it to your data lake via our API to store according to your organization’s data retention policy.  Remember that as soon as this data is in your hands, Rescue’s access controls no longer apply, and you are responsible for restricting access.