PRIVACY AT CODE42
Privacy And Protection Of Our Customers’ Data
Protecting our customers’ data is paramount to our success as a business. We follow global privacy principles to design products and practices that safeguard your data and enable your organization to meet its own privacy requirements.
Our transparency
Code42 values trust. Whether you are a prospective or existing customer, it’s important to us that we’re clear about our data practices.
Read Our Privacy StatementAny data collected by Code42 through our products belongs to the customer. Code42 will only use customer data in order to provide our services, as described in our agreements and product documentation. Code42 does not and will not sell our customers’ data.
At Code42, we are committed to maintaining customer privacy and confidentiality. Information about our policies and practices with respect to requests for customer data by law enforcement or government entities can be found here.
Protecting your data
You control your data. Code42 provides flexible configurations and the ability to specify which data Code42 collects to limit unwanted data storage.
Code42’s commitment to protecting customer data is built into our agreements. A Data Processing Addendum (“DPA”) is available here for customers to meet their privacy requirements. The DPA is based upon globally recognized privacy standards, including GDPR and CCPA.
We use industry best security practices that are regularly verified by internal safeguards and external auditors. This includes end-to-end encryption of your files, customer-controlled access, controls to ensure file integrity, and deletion of your files after your subscription ends.
Code42 uses third parties to provide the services. We have a mature vendor assessment process to ensure your data remains secure and protected. We validate that our subprocessors have the appropriate privacy and security safeguards and that they are contractually obligated to protect your data. View our list of subprocessors.
Privacy in our products
Access controls. Code42 provides a variety of role-based access and permissions controls within the product which allow manual or automated (via an external Identity Provider) access delegation.
Audit logs. Code42 maintains both customer-facing and internal audit-logging to ensure proper monitoring of privileged accounts.
Data encryption. Code42 leverages independently tested industry best practices and protocols to ensure that all data is encrypted when in transit and at rest.
Retention and storage. Our products are designed to only store data for a limited period of time. Our product plans currently allow data to be retained for 30 to 90 days, unless there’s a security event, in which case a customer has control to keep the data longer.
Breach investigation and response. With Code42, you have visibility into files and events that allow for quicker breach investigation and response. Our built-in dashboards can be utilized as a part of your analysis and reporting in the event of a data breach.
RESOURCES