Secure disposal of data
At Typeform we care for your data. Anything you entrust to us is treated with the utmost care. We work around the clock to add new ways to detect and protect your data…but we also think it’s important to dispose of the data in a secure way, should you need this option.
This means that we provide mechanisms to ensure that when you request that any data be deleted, it will be impossible to recover this data - ever.
So, what happens when I click on ‘delete’ or request deletion from your support team?
At our AWS datacenter, secure deletion is provided by default. This happens through a wiping process that takes place before freeing the data to be deleted, and because all personal identifiers connected to the data are removed within seconds, so no further external access to the deleted object with the data is possible. After that, the deleted object is overwritten by newly stored data.
After deletion, a backup remains for 30 days. After 30 days this data is removed permanently and is impossible to retrieve.
And what happens with the devices Typeform employees use after these employees leave the company or when Typeform decommissions the devices?
We care for the laptops we use to work, as they may contain sensitive data that we need to perform our jobs well.
Typeform laptops are Macbooks with full FileVault encryption. When deleting laptop data, we also follow the standard deletion process suggested by Apple. When the encryption key is removed from Secure Enclave, the contents in the residual volume data become unusable (garbled data).
Hey, and what about other supports (USB, optical, external hard drives, etc.?)
Typeform is currently a 100% remote-working native cloud company, and we do not use these devices. However, our data security and disposal policies take this case into account. Should these types of devices ever be used by a Typeform employee for work purposes, a secure wipe tool would be used to fully wipe all the data once the devices were decommissioned.