All of the data created on our EngagementHQ technology platform belongs to our clients and their communities, and as such is governed by our clients’ policies. The role of our platform is to process the data in accordance with the service agreements with our clients. 

Please see further information on the role we play as data processor, and also about our information security practices.

How is this information stored in EngagementHQ

EngagementHQ is hosted on Amazon Web Services (AWS) infrastructure within the local region with data encrypted and stored in AWS RDS. All information is handled in this single system from creation until final deletion.

How long we retain the information we collect in EngagementHQ

The client data on our systems will be retained for the term of the contract with the client. All access and modification to this information is logged and retained for this duration (or as per the client contract).

We purge all this data permanently within three months of the end of the client contract. Data is available for clients to download and retain as a document download in MS Word format, PDF, Excel and also via API till the end of the contract term.

When and how we erase information in EngagementHQ

On client confirmation that their EHQ sites is no longer required and can be de-commissioned, on the agreed date, the site and all its contents will be removed permanently. The change will be effective immediately and all information removed permanently from our systems and databases. Database backups retained for disaster recovery purposes will also be permanently erased within 3 months of contract termination.

Bang the Table is committed to the secure and safe disposal of this information in accordance with our contractual and legal obligations and we do so in an ethical and compliant manner. We use the tools provided by our AWS infrastructure to erase data in a way that it cannot be reconstructed. We confirm that our approach and procedures comply with the laws and provisions made in the General Data Protection Regulation (GDPR) and that staff are trained and advised accordingly on the procedures and controls in place.

How we handle on demand data disposal requirements in EngagementHQ

The GDPR introduces a right for individuals to have personal data erased. In these specific circumstances, Bang the Table will work with the client to first ensure that a legal obligation or legitimate reason applies. This request will have to be authorised by the client site administrator, by email and carried out by the Client Experience Management Team. This will be done in conjunction with the client site administrator, to ensure that all data relating to that individual has been erased and written confirmation or explanation will be provided within 30 days of the request being received.

Did this answer your question?