Data Protection and Data Recovery
ApprovalMax processes personal data as both a Data Controller and Data Processor, as defined in the Directive and the General Data Protection Regulation (GDPR). We are a Data Controller with regard to the client information we process for our own purposes, and we are a Data Processor with regard to all information clients upload to our systems, platforms or software.
All your personal information is protected and we have put in place appropriate physical, electronic, and management procedures to safeguard and secure the data we collect.
All information you upload in our app is stored in a database in a secure data centre in Microsoft Azure.
ApprovalMax utilises the built-in Microsoft Azure backup service and performs two types of backups:
- Full backups of all customer data are done daily
- Incremental backups are done every 10 minutes
Backups are stored using the built-in Microsoft Azure data storage.
The recovery of customer data is done using the built-in Microsoft Azure capabilities. In a disaster event, backed up data will be made available to users within 6-12 business hours.
For questions related to information security, please refer to our Security Portal.
2-factor authentication ApprovalMax provides a 2-factor authentication mechanism to protect users from account takeover attacks. Account takeover protection ApprovalMax protects our users against data breaches by monitoring and blocking brute force ...
Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)
Encryption in transit All data sent to or from our infrastructure is encrypted in transit via industry best practices using Transport Layer Security (TLS 1.2). Encryption at rest All our user data (including passwords) is encrypted using ...
Retention of Data
Disclosure of Data