Simployer Trust Center › Security and IT › IT security policy › Data storage
Data storage
Types of data
Structured data is stored in databases. Database data (data, information that is manually entered or populated into datafields in Simployer) is stored in database servers with our hosting partners within the EU/EEC.
Unstructured data is stored in dedicated file storage. Documents (files and images that are manually uploaded to Simployer) are stored in storage services with our hosting partners within the EU/EEC.
Ownership of data
Data entered manually, or by integrations, into Simployer by the customer is the customers property as regulated by the Data Processing Agreement.
Data isolation
Simployer data storage follows principles for data isolation between customers. I.e. data from different customers is never mixed within the same logical storage containers.
Encryption at rest
Simployer enforces encryption at rest through our hosting partners. Encryption at rest provides data protection for stored data (at rest). Encryption at rest is designed to prevent an attacker from accessing the unencrypted data by ensuring the data is encrypted when on disk. If an attacker obtains a hard drive with encrypted data but not the encryption keys, the attacker must defeat the encryption to read the data.
Storage containers in use in Simployer
Simployer operates with a range of physical and logical storage containers for customer data:
- Dedicated database - Customer data is stored in dedicated, customer specific databases with customer specific connection strings.
- Multi tenant database - Customer data is stored in a common database with row level security. Row level security ensures that customer data operates within a dedicated logical database. Logical database has customer specific connection string.
- Azure BLOB storage (Binary Large Object) is used for document storage. Data isolation is secured with customer specific Azure BLOB containers with customer specific connection strings.
A specific storage example for the module “Sick Leave”
Data and metadata regarding a sick leave entered into Simployer by the customer is stored in a dedicated database at our hosting partner Microsoft Azure within the EU/EEC. Any supporting document, such as a doctor's declaration in document form, will be stored at our hosting partner Microsoft Azure in a customer container in BLOB storage within EU/EEC. Data isolation and encryption at rest is enforced. Backup data according to our backup policy is stored in a different datacenter at our hosting partner Microsoft Azure within EU/EEC.
