I am working with a sales representative that has been trying to avoid my questions like the plague. I work for a larger corporation and part of me trying to test your products requires that I get a cloud review completed before I do so. I thought I would come here to see if I could get my questions answered a little quicker. I have been trying to get these answers since beginning of last week!
The questions that I didn’t get answered that are part of our review process are as follows:
In what country will this data be stored?
I need confirmation of “ownership” over that data being retained.
Additionally I need:
I was told that you use SOC II Type II reporting standards, I need a copy of your latest report for our file.
Any help on any of this would be great. We have a prototype created that we would like to put into experimentation mode and before we can do so we need to get the security review completed.
These are straightforward questions to answer, so not sure what the disconnect is here, but I apologize they haven’t been as forthcoming as they should’ve been.
In what country will this data be stored?
Particle stores service data (e.g. data used to run the service, NOT data collected by devices) in the USA. We do not generally store customer data, we simply pass it through to your own infrastructure, so you’re in charge of storing it. The only exception is in the case of Asset Tracker geo-location data, which is also stored in the US, if you choose to opt-in to that storage.
I need confirmation of “ownership” over that data being retained.
See above, your customer data is not stored/retained by us, so you maintain ownership.
SOC II Type II
We are SOC 2 Type II compliant and can share the full audit report under NDA. Please reach out to my team at security@particle.io, and we’ll get the ball rolling on that process for you.
Hope that helps, and again, apologies you didn’t get the answers as quickly as you should have.