Clever Logger Data hosting and security
Data Hosting and Security
User Security
Yes. Different users can be assigned various permission levels.
- Usernames and email addresses may be classified as personal information.
- No sensitive or health information is collected.
- No passwords are stored (strictly One-time Passcode Login).
- Clever Logger does not collect or store sensitive information or Protected Health Information (PHI).
- User email and name are the only personal information collected.
- Access is protected through controls, encryption in transit, and encryption at rest.
- Anonymized customer data may be used internally for debugging and testing.
- Anonymized error logs and performance metrics may be sent to Sentry (can be disabled with browser extensions or firewall rules).
- Data is stored for at least two years (currently stored indefinitely).
- Customers can export temperature data as CSV/XLSX or PDF.
- Retention beyond two years can be arranged upon request.
Temperature and humidity logs, usernames, email addresses (no passwords), device IP addresses, Wi-Fi SSID name (not passwords), and organization contact details if entered.
Yes. It complies with the Australian Privacy Act 1988 (Cwth), the Australian Privacy Principles (APPs), and various Australian State Health Acts.
- Computers used to administer Clever Logger apply OS and software patches within two weeks.
- Cloud platform patches are tested and prioritized.
- Third-party software is regularly reviewed for security patches.
- OS and application patches from AWS are applied as soon as notifications are received.
- Gateways update to the latest firmware/OS automatically if security patches are available.
Location
Sydney, Australia.
AWS – Australia, USA.
Australia, USA.
Development
- The Lead Developer has full system access.
- Other developers only access the code they are working on.
- Version control is managed within Git.
- Yes. Developers without production system requirements do not have access.
- Cloud accounts (e.g., AWS) are fully segregated with unique credentials.
- All staff use a password manager and are encouraged to generate complex passwords.
- Password audits are conducted periodically.
- Passwords are audited and reset upon termination of employment.
Immediately.
- Developers do not store local copies of data.
- Data is accessed remotely with 2FA.
- Access can be removed remotely if hardware is lost or employment is terminated.
- Development occurs on local machines.
- Builds are tested on a staging server.
- Only the senior developer has access to deploy to production.
Yes. Data is regularly backed up to ensure reliability.
Yes. There are distinct environments for testing and live operations.
Yes. We have a 99.9% up time.
- AWS is used for databases, API nodes, and file storage.
- Cloudflare provides DNS and DDoS protection.
