ExchangeDefender (Own Web Now Corp) has security at the core of the product design and service delivery. Your privacy is very important to us and we implement layers of security to guard your data and access to it.
Data We Collect
ExchangeDefender stores data directly and indirectly (through proxy) about our clients and for our clients. Examples of client data we store directly:
ExchangeDefender uses directly stored data to provide customer service, support, marketing and billing activities only.
ExchangeDefender stores data indirectly on your behalf on our systems either automatically or on demand. Examples of data we store indirectly:
ExchangeDefender does not directly access this data for any reason, including service audits. Any information collected with respect to indirectly stored data is for system management and accounting purposes only and does not in any way access the contents of the data.
Indirect Data Staff Access
ExchangeDefender may obtain access to indirectly stored data with clients' permission or permission of clients authorized manager or service provider. Access is restricted, logged and controlled at all times and in nearly all circumstances does not reveal users access credentials.
Indirect data access is only permitted from ExchangeDefender offices by staff for the support and troubleshooting purposes with clients' explicit permission. All actions, commands and activity is logged, time stamped and audited.
ExchangeDefender relies on ExchangeDefender Management Console to consolidate and delegate access to client data. At no time are credentials exposed or stored in plain text files or unencrypted network connections.
Data Compliance Laws
ExchangeDefender (Own Web Now Corp.) is a corporation based in United States of America and complies with the laws of United States of America.
ExchangeDefender operates worldwide with server infrastructure in multiple countries and data stored on infrastructure present in a specific country is subject to the local laws and regulations. ExchangeDefender complies with the local law of the land where data is stored. For example, data stored in United States is subject to United States law while data stored in Germany is subject to laws of European Union.
Service Specific Privacy & Data Retention
Data stored in Microsoft Exchange is automatically retained for 30 days after the mailbox is deleted.
Data stored in ExchangeDefender is purged within 7 days after the mailbox is deleted. Certain items such as authentication, rules and policies are deleted immediately while email statistics and transaction logs are purged automatically using a 7 day cycle.
Data stored on ExchangeDefender backup systems is purged within 24 hours. Historical data on replication servers is purged within 30 days.
Data stored in Shockey Monkey is purged immediately. Unencrypted data (attachments, historical reports, flat files and documents) are purged immediately and system backups are removed within 30 days.