Resilient, comprehensive data security & backup solution for retail
TRS stores all customer data in dedicated customer databases. This approach ensures complete segregation of your data, from initial ingestion right through to final reporting.
Furthermore, upon service termination, TRS handles data destruction. We will identify and destroy all active databases and backups when requested by the customer.
Regarding Personally Identifying Information (PII), TRS maintains a strict policy concerning PII and its storage. Therefore, we strongly encourage clients to provide any data considered PII only on an ‘as-necessary-basis’.
At The Retail Score, working with sensitive data forms the core of our operations. We not only understand the analytical value this data holds, but also recognize the critical importance of its responsible usage and robust security management, especially concerning Personal Identifiable Information (PII).
Specifically, PII relates to any information capable of identifying an individual. Examples include full name, email address, phone number, and postal address. To facilitate your data protection policies, we proactively ask clients to specify precisely what Customer Data you wish tRS to hold within your tRS Data Warehouse. Consequently, we offer 3 distinct options for managing this.
All other customer data will not be loaded into the tRS data warehouse.
Initially, tRS loads and retains a Customer numeric/alpha ID and necessary Personal Information, storing this data within the data warehouse and the cube. Importantly, derived measures, attributes, and outbound integrations remain unaffected by this. We can issue this data to 3rd party applications, such as Klayvio. However, in the cube or portal, end users only see the Customer ID; they cannot view other data. The client specifically selects which measures to retain.
tRS loads and retains Customer numeric/alpha ID and necessary Personal Information, storing it in the data warehouse and cube. However, the default view for users in cube or portal means no access to these fields. We ask clients to identify specific users needing access. TRS then manages access for these individuals using security rules. Furthermore, the client controls which measures to retain.
Robust data security is paramount; effective backups ensure data recovery during any calamity. At The Retail Score, we implement key backup principles:
Firstly, we leverage Microsoft Azure’s highly available, fault-tolerant facilities. Plus, we utilize premium locally redundant storage (LRS) for daily operations.
Furthermore, for data security and Disaster Recovery, we back up all servers, databases, and storage to encrypted geo-redundant storage.
Regarding backup frequency: servers and source data accounts back up daily (7 days), weekly (3 weeks), and monthly (1-3 months). Customer databases back up daily (7 days), weekly (5 weeks), and monthly (12 months).
Regarding recovery objectives: RPO is 24 hours for all customer data. Expect recovery up to 24 hours prior to incident. RTO is typically under 6 hours post-failure, though varies with data volume.
TRS bases all operational systems and customer data processing facilities in the cloud. We utilize highly available, fault-tolerant providers for this.
In the unlikely event of a significant disaster, TRS can fully restore services at designated backup regional centers. However, achieving full recovery in an alternate region may require up to 48 hours; this timeline depends on the scope of the failure. Consequently, TRS is currently undertaking a new DR project. This aims to increase DR recovery options and improve turnaround time specifically for significant failures.
Finally, supporting our operational resilience, we ensure all TRS staff are equipped and able to work remotely should our physical offices become unavailable.
Data retention involves keeping records for set periods. This practice helps comply with business needs, industry guidelines, and regulations. Accordingly, at TRS, we maintain efficient customer data retention policies. These policies aim to best target customer needs.
Regarding historical data retention, data backup policies determine the retention period. By default, TRS retains historical customer data for 12 months.
Database | Data Set | Retention Period |
---|---|---|
SQL Server | Daily Back up | 7 Days |
SQL Server | Weekly Back up | 6 Weeks |
SQL Server | Monthly Back up | 12 Months |