Telmai is committed to security and focused on keeping you and your data safe. Telmai adheres to industry-leading standards while connecting, replicating, and loading data from your data sources.
Contact security@Telm.ai if you have any questions or comments.
Compliance and privacy
Telmai regularly undergoes its independent SOC2 audit(currently in observation), and the report will be made available to all existing and prospective customers by request. This comes in addition to the benefits of the comprehensive set of Google Cloud Platform compliance programs.
Regional data will be ingested, processed and stored in the same region. No data, except application usage metric will leave the region.
Retention of customer data
All Customer data can be configured to be purged from Telmai as soon as we calculate metrics, i.e., typically 1 hour. If the customer specifies no explicit data retention policy, this data is stored for up to 30 days and then permanently deleted.
Derived data is stored for up to 30 days, and Data Metrics are stored for up to 360 days.
Metadata and User data are stored indefinitely until explicitly requested for deletion.
Telmai guarantees safe and complete deletion of data after the required retention period.
- Separation of Production and Dev environments
- All production data resides in Production Project
- No data access to Telmai team, except for performing maintenance tasks for limited number of engineers (background checks, trainings etc)
- Access is granted temporarily via assigning specific role to perform tasks and is audited (IAM audit logs)
- Deployment to this env is handled via CI/CD (Jenkins), which uses dedicated AIM service account with minimal access needed to perform the deployment
- Actual tenant’s data is stored separately, i.e. isolated ES indexes, separate buckets and BigQuery datasets
- Metadata, like tenant name, user-entered descriptions, sources names, attribute names and various usage information (created by/updated by/timestamp) stored in a single database table
Telmai prioritizes customer trust. We know that the safekeeping of customer data is critically important to our customers’ values and operations.
That is why we keep it private and safe.Telmai helps customers maintain control of privacy and data security in multiple ways:
Data residency : Regional data (EU) will be ingested, processed and stored in the same region. No data, except application usage metric will leave the EU region.
Data Security: Telmai provides our customers compliance with high security standards, such as encryption of data in transit and at rest, auditing standards (SOC 2) and a support team.
Disclosure of Customer Data: Telmai only discloses customer data to third parties where disclosure is necessary to provide the services or as required to respond to lawful requests from public authorities.
Trust: Telmai has developed security protections and control processes to help our customers ensure a secure environment for their information. Independent third-party experts have confirmed Telmai’s adherence to high industry standards.
Access Management: Telmai provides an advanced set of access and encryption features to help customers effectively protect their information. We do not access or use customer's data for any purpose other than providing, maintaining and improving Telmai's services and as otherwise required by law.
Right-to-be-forgotten : Telmai will provide all platform capabilities to support customers policies around data retention and automated cleanup. Telmai users and customers can submit a support ticket to be removed from all internal Telmai systems.