Where does my data go? Where is it stored? Where is it processed?
Can you guarantee that my data will not leave the country?
Our platform is a native cloud application - we do not store or process your data on our premise. All data and processing taking place on the cloud, using Amazon Web Services (AWS). AWS adheres to the strictest security standards as it stores and processes some of the world’s most sensitive data. AWS guarantees security across various aspects of the physical location of their servers incl. limited physical access, monitoring & logging of all access, and Surveillance & Detection.You can find out more here
Your data, and associated disaster recover backups, is stored and processed in the EU (Dublin, Ireland), adhering to the strictest GDPR standards. We also give you the option to use UK as a location.
Once you log in to the platform and upload your data, we use HTTPS SSL/TLS encryption to securely transfer the data and trigger cloud-based processing units to do the number crunching (more info here). Whilst number crunching is taking place, sometimes data also needs to pass across various sub services within AWS (say from some storage unit to a CPU unit and then back). In this cases, intra-service communication is further protected by AWS standards of best practice.
Your data can only be viewed and accessed by the users you invite to your own dedicated environment. No other Nodes & Links client can see or leverage the raw data you upload, like your .xer files. Behind the scenes, each Nodes & Links client has their own dedicated tenant, facilitated by our multi-tenancy architecture. This architecture is supported by dedicated user credentials which are linked to the tenant. In this way, each user is assigned to their respective tenant, and can only see and leverage that data only. We also enforce best practice access policies to ensure that the user’s identity (and therefore tenant subscription) cannot be compromised.
Once an account is closed, we immediately and securely dispose your data. Your data has unique keys that link them to your own dedicated tenant in our system. Upon closing the account, the tenant is also closed, which triggers the disposal of all the data associated with it. We use a best practice protocols like SDLC to automatically dispose the data.
We do not have access to your dedicated platform environment. Unless you of course wish to invite someone from the Nodes & Links support team to help you out with something (and then you can safely and easily remove them).
We record all actions made by any user to ensure we can satisfy any audit requests on your behalf, including log ins, user invitations and data uploads. We store this data in a protected database using Amazon Cognito Userpool ( see more here).
We offer advanced user permissions right out of the box, so you can securely share access with everyone in your team. We operate on a principle of least privilege, which means that you can only invite users to the level of your own permission, and lower (not higher). Every user that you invite on the platform first gets registered on your dedicated user directory. You can easily access and view this directory at any time, and if you are an admin you can also control the permissions of each user that is in that directory. Once a user is part of your platform directory, you can then invite them in any of the projects you upload to your dedicated environment. On invitation, you can choose between 4 roles that control the actions that the newly invited user can do, including limiting the ability to upload new data. You can easily create teams to help to manage large pools of users in an easy way.
We deploy best in class services to protect the identify of all Nodes & Links’ users directory, incl. Amazon Cognito and User Pools (see more here). In a nutshell, a user can only access your environment if they have been invited by another user that is already on your environment. We also deploy a range of best in class services to protect against web exploits that may impact availability and security, incl. AWS WAF, Amazon GuardDuty and AWS Shield Standard. We also use Amazon Detective to automatically investigate, analyse and quickly identify the root cause of potential security issues In addition, our source code is hosted in private code repositories, where access is internally restricted to appropriately trained personnel, and protected using strong password policies and MFA authentication.
We use best practice techniques to ensure any emerging threads are timely assessed and addressed. We use best in class tools and service to automatically identify and report relevant vulnerabilities. If one is identified, developments tasks are triggered to address them ASAP. Application layer vulnerability scans are also performed and reported automatically on a daily basis.
Cookie | Duration | Description |
---|---|---|
li_gc | 6 months | Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes. |
lidc | 1 day | LinkedIn sets the lidc cookie to facilitate data center selection. |
UserMatchHistory | 1 month | LinkedIn sets this cookie for LinkedIn Ads ID syncing. |
Cookie | Duration | Description |
---|---|---|
_calendly_session | 21 days | Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar. |
Cookie | Duration | Description |
---|---|---|
_fbp | 3 months | Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website. |
_ga | 1 year 1 month 4 days | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
_ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. |
_gcl_au | 3 months | Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services. |
_hjSession_* | 1 hour | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. |
_hjSessionUser_* | 1 year | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. |
AnalyticsSyncHistory | 1 month | Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie. |
cb_anonymous_id | 1 year | Clearbit sets this cookie to track page views and traits for Clearbit. |
cb_group_id | 1 year | Clearbit sets this cookie to track page views and traits for Clearbit. |
nQ_cookieId | 1 year | Albacross sets this cookie to help identify companies for better lead generation and more effective ad targeting. |
vuid | 1 year 1 month 4 days | Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos on the website. |
Cookie | Duration | Description |
---|---|---|
_rdt_uuid | 3 months | Reddit sets this cookie to build a profile of your interests and show you relevant ads. |
bcookie | 1 year | LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs. |
bscookie | 1 year | LinkedIn sets this cookie to store performed actions on the website. |
cb_user_id | 1 year | Clearbit sets this cookie to collect data on visitors. This information is used to assign visitors into segments, making website advertising more relevant. |
li_sugr | 3 months | LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant. |
NID | 6 months | Google sets the cookie for advertising purposes; to limit the number of times the user sees an ad, to unwanted mute ads, and to measure the effectiveness of ads. |
VISITOR_INFO1_LIVE | 6 months | YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface. |
VISITOR_PRIVACY_METADATA | 6 months | YouTube sets this cookie to store the user's cookie consent state for the current domain. |
YSC | session | Youtube sets this cookie to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt-remote-device-id | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt.innertube::nextId | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
__tld__ | session | Description is currently not available. |
_cfuvid | session | Description is currently not available. |
_cio | 1 day | No description available. |
_cioanonid | 1 year | Description is currently not available. |
_lfa_test_cookie_stored | less than a minute | Description is currently not available. |
cbtest | 1 year | Description is currently not available. |
debug | never | No description available. |
m | 1 year 1 month 4 days | No description available. |
nQ_userVisitId | 1 hour | No description available. |
pfjscookies | 1 year | Description is currently not available. |
site_identity | 1 year | No description available. |
sliguid | 1 year | No description available. |
slireg | 7 days | No description available. |
slirequested | 1 year | No description available. |