User Data Policy
Revision Date: 28 September 2021

Data Retention

Ensuring the privacy and security of the user data is a top priority for us. You can rest easy, knowing that we take every precaution to provide an import service with high-grade security.
When a user submits a file, csvbox.io parses the file on the client-side and then sends it to our servers. The data in transit is fully protected with a 256 bit SSL (Secure Socket Layer) connection that uses a SHA256 Certificate. This is the same level of protection used by online banking or e-commerce providers.
We use databases from Amazon Web Services (AWS) with encryption enabled by default. The uploaded data is secured at rest and no one else can read it while it resides in our storage. Once the data is fully stored in our database, csvbox.io then pushes it to your app or any other destination as configured by you in the dashboard.
The user data from our storage is later deleted automatically after one month. Meanwhile, you can securely view and download this data anytime via the csvbox.io dashboard. We provide the option to get all the user uploaded data deleted from our database (AWS S3) anytime by the click of a button. Lastly, you can configure the importer to completely bypass storing the data in our database (AWS S3).
The long-lived data about the import and the user files is not deleted. It mainly consists of supplementary log data helpful for troubleshooting and analyzing the import processes. This data does not include any original data from inside the user files.

Zero-knowledge design

csvbox.io collects, processes and stores only information that is required to run the service. We do not proactively build customer profiles, track metadata about the end-users or store unnecessary information in cookies unless our clients explicitly demand it to achieve their business goals.
With privacy at heart, we appreciate that the same business objectives can be achieved with multiple approaches. Processing unnecessary information represents a liability for us and risk for our clients, therefore by default, we prefer to design our features with a zero-knowledge approach.
If you have any specific questions you may raise a ticket here.
Last modified 27d ago