SECURITY AND COMPLIANCE

Who will guard the guards?

OVERVIEW

Since data privacy is our very Purpose for being, we made it a priority to design the Purpose service architecture to meet the strictest standards.
 

Most importantly: 

  • We cannot see your data

  • Your data never leaves your account


And of course, we eat our own dog food and use Purpose for our own compliance.

INFRASTRUCTURE

Purpose is hosted on Amazon Web Services. AWS is responsible for the security of the underlying cloud infrastructure. AWS computing environments are continuously audited, with certifications from accreditation bodies across geographies and verticals, including ISO 27001, FedRAMP, DoD CSM, and PCI DSS. You can read more about their practices here.

ARCHITECTURE

Purpose is deployed in your AWS account to make sure that no data leaves your organization without your control. Data indexing and metadata are stored only in your account as well.

Our service permissions are controlled by your AWS IAM access management. We also recommend that you set up a gateway to limit access from clients to the service.

Our servers also provide authentication and control data (green arrows in the diagram below) to make sure that only authorized users can send requests to the service.

 

This way, the entire path of sensitive data (purple arrows in the diagram below) is under your control.

[Architecture diagram. Labels: Your AWS Account, Storage, Service, Client, User, Access Manager, Authentication Server]

COMPLIANCE

GENERAL DATA PROTECTION REGULATION (GDPR)

We are compliant with the General Data Protection Regulation (GDPR).

CALIFORNIA CONSUMER PRIVACY ACT (CCPA)

We are compliant with the California Consumer Privacy Act (CCPA). Our commitment towards CCPA is outlined here.

LEI GERAL DE PROTEÇÃO DE DADOS PESSOAIS (LGPD)

We are compliant with Brazil’s data protection law, Lei Geral de Proteção de Dados Pessoais, or “LGPD”.

© 2020 by Purpose Labs