Data Security
& Backup

Resilient, comprehensive security & backup solutions

Data Privacy

As mentioned in the Data Security section, all customer data is stored in dedicated customer databases. This ensures a full segregation of customer data from data ingestion through to reporting. 

In the event of a service termination, tRS will identify and destroy all active databases and backups if requested by the customer.

Personally Identifying Information (PII) – tRS has a strict policy relating to PII and the storage of this. We encourage clients to provide any data that can be considered PII on an ‘as-necessary-basis’

Working with sensitive data is at the core of what we do at the Retail Score. Not only do we understand the analytical value of this data, we also recognise the importance around the responsible usage and security management of this data, particularly Personal Identifiable Information (PII).
PII relates to any piece of information or data that can identify an individual i.e. full name, email address, phone number, postal address. To facilitate our clients’ data protection policies, we ask clients to advise what Customer Data you would like tRS to hold in your tRS Data Warehouse. There are 3 options available.

Option 1

No Customer Data:
tRS only loads and retains a Customer numeric/alpha ID and a masked email address which will enable tRS to still produce Customer metrics such as:
  • % of named transactions
  • # new Customers
  • % customer with email etc.
All other customer data will not be loaded into the tRS data warehouse

Option 2

Customer Data loaded into the Data Warehouse but No Customer Data the Cube:
tRS loads and retains a Customer numeric/alpha ID and required Personal Information in the data warehouse and in the cube. Derived measures, attributes and outbound integrations remain unaffected. That data can be issued to 3rd party applications such as Klayvio. In the cube/ portal the end user cannot see any data – only the Customer ID. Client to select the measures to retain

Option 3

Customer Data loaded into the Data Warehouse and in the Cube with tight user access rules:
tRS loads and retains a Customer numeric/alpha ID and required Personal Information in the data warehouse and in the cube. The default view for users will be no access in the cube/portal, with Clients asked to identify any individual users that require access to these fields which we will manage through additional security rules. Client to select the measures to retain

Backup Procedures

An effective framework of backup procedures is critical in ensuring data recovery is possible in the event of any calamity. At the Retail Score we believe we achieve the primary principles of successful Backup procedures through the following: 

In addition to leveraging Microsoft Azure’s highly available fault tolerant service facilities, tRS utilizes premium locally redundant storage (LRS) for day-to-day operations.

All servers, databases and storage are also backed up to encrypted geo-redundant storage for further protection and to assisted with Disaster Recovery.

All servers and source data storage accounts are backed up daily for seven days, weekly three weeks and monthly for one three months

All customer databases are backed up daily for seven days, weekly for five weeks and monthly for 12 months.

By default, tRS operates with a Recovery Point Objective (RPO) of 24 hours for all customer data. In the event of a failure, the Recovery Time Objective (RTO) is typically less than 6 hours but may vary depending on data volumes

Disaster Recovery Plan

All tRS operational systems and customer data processing facilities are cloud based using highly available fault tolerant providers. 

In the unlikely event of a significant disaster, tRS can fully restore services in designated backup regional centres. Full recovery in an alternate region may require up to 48 hours depending on the scope of the failure. tRS is currently undergoing a new DR project to increase DR recovery options and improve the turnaround time in the event of significant failure.

All tRS staff are equipped and configured to work remotely if tRS offices become unavailable.

Customer Data Retention Policy

Data retention is the practice of keeping records for set periods of time to comply with business needs, industry guidelines, and regulations. At TRS we maintain efficient customer data retention policies to best target customer needs. 

Historical data retention of customer data is determined by the data backup policies. By default, historical data is retained for a period of 12 months.

General Retention Policy:
Database Data Set Retention Period
SQL Server Daily Back up 7 Days
SQL Server Weekly Back up 6 Weeks
SQL Server Monthly Back up 12 Months

What Retailers
Say About tRS