Data retention and backups¶

We have regular and multiple layers of backups to ensure all data is securely stored and easily accessible, and most importantly by using the latest in Amazon technologies, we ensure there's no scenario where your data can be lost or unavailable.

Point in time backups
For 2 days we store "point in time" backups, which means we can recover any database to any second of the day. If a client were to upload incorrect data and cause irreperable damage, we can restore the database to the second before the data was imported. Every client can rest assured that we're protected against major accidents.

Daily backups
We hold daily backups for 2 weeks. This ensures that if a major problem is noticed after the 2 day "point in time" window, we can restore to an overnight back going back 2 weeks.

Monthly backups in Amazon Backup Vaults
We utilize an extra important faclity provided by Amazon which protects against any client data being lost under any worst case scenarios, this is referred to as Amazon Vault in Compliance Mode. In essence we store monthly backups in this vault, and for 3 months no-one is able to delete or alter it under any circumstances. Every employee of Potentiality could request the data to be deleted and under no circumstances would it get deleted. (more information here: https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html ). This protects against inadvertent or malicious deletions.

6 extra months of backups
Once out of the Amazon Vault we keep the data for a further 6 months just to be sure. At this point if a client requested we could purge their data from within the backup. This results in a total of 9 months of backups.

Compliance with Data Protection Laws
We are committed to protecting the privacy and data of our clients and their users in compliance with all relevant data protection laws, including the General Data Protection Regulation (GDPR) in the European Union, the UK General Data Protection Regulation (UK GDPR), and the Privacy Act 1988 (Cth) in Australia. When a user requests the deletion of their data, we will promptly remove their information from our active systems. However, due to our data backup and disaster recovery processes, personal data may remain in our encrypted backups for up to 9 months, after which it will be permanently purged. During this period, the data will not be accessible for any other purpose except for regulatory compliance or disaster recovery, and it will not be processed further.

Backup data locations
Our backups are stored in seprate Amazon data wharehouses at each of our primary server countries, but they never leave the country at any time. Amazon data wharehouses are military grade security, more information on the Amazon AWS website.

Accessing the data
As a client you can access almost all the data in the database in excel format at all times.

• User data - look for the "export" facility in the Users tab in the adminstrator toolbar. For event data you can export every event individually via the export button on the event landing page.
• Event data - each event has its own export button which exports all the registration and payment data for each event.
• Payment and transactions - through the "view/add transactions" facility you can search for and export every transaction in the database. Just select which fields you'd like to export from within the "select columns" button and click the export button.
• Pledge information - Just click the export button from within the pledge interface.
• Log information - this is a little more complicated to access given the nature of the data. It's not often required but is all available to access through the "view site logs" tool.
• Communications - all communications can be viewed and exported via the comms log. There is a lot of comms that will likely not be relevant, so we would suggest using the in built filter tools to ensure you're only viewing the comms of relevance, then click the "export visible" link.

It's unlikely that any other data will be required from the system, but in that unlikely case we can extract data directly from our live database or backups, the data belongs to you so we will always give you access to it. However extracting or altering the data in these backups is a difficult process so charges will likely apply.

sub-pages¶