What data is transmitted to the Private Cloud?
When you check content using one of the Acrolinx Integrations, the content is sent to the server over an encrypted connection. It’s then processed by our linguistic engine to produce a report. We don’t permanently store the full content. After checking, the full content is discarded.
What transmitted data is stored on the Private Cloud?
Small extracts of your content are stored so that Acrolinx can provide feedback on these extracts. These extracts come from parts of the document where we find an issue during a check. We need this information to tell you where to look for a problem and how it could be corrected.
If you create a terminology database or reuse repository, the term entries and reusable sentences are also stored on the server.
We also log information on who accesses the server when so that we can maintain and debug the service.
What personal data is generated and stored on the Private Cloud?
For each user, the server is storing the following data that is relating to the user:
- Hashed and salted password (if not using Enterprise Federated Authentication)
- Reporting data and Scorecards from checks initiated by the users
- Metrics and data on checked content
- Small extracts form the content (see above)
- Custom user information as configured
Where is the information stored?
The content extracts are stored in the Scorecards and in a reporting database. The terminology is stored a terminology database. Reuse information is stored in reuse repositories. Logs are stored on the file system, but don’t include IP addresses by default. All data remains in the Private Cloud installation. Please contact support if you want all or parts of the data deleted.
How can I export my data?
If you want to export your data, please create a support ticket. We’ll provide you with a copy of the following:
- Terminology database
- Reporting database
- Scorecards and reports
Who can access my data?
Acrolinx doesn’t have access to the infrastructure that is used to run your Private Cloud instance. Management is performed by our partner Rackspace, who is SOC and ISO 27001 certified. We liaise with Rackspace to update or change the services.
Rackspace hosts your Private Cloud instance on Amazon Web Services (AWS) EC2. Amazon Web Services adhere to specific security processes that are documented here and are also both SOC and ISO 27001 certified.
We usually have administration access to your Acrolinx Dashboard. We use this access to help you set up and configure the service. If you don’t want us to have an administration account for your Acrolinx Dashboard, please let us know.
How long is my data stored?
When your contract ends, we delete all your data within 45 days. On request, we delete all your data within one working day.
Data Processing Addendum
Please note the Acrolinx International Data Processing Addendum ("DPA") generally applies to Acrolinx's Services (as defined in the DPA). To the extent a DPA is required for lawful provision of our Services and not yet in place, the DPA may come into force automatically according to section 14.9 of the DPA. You can download a copy and formally sign the DPA.