I am in the process of completing a form in support of using Netlify at my corporate company. I have managed to answer most of the fields by using the documentation and support forum however some still escape me.
Please can you assist in answering these:
-
All ownership rights to data, inputs and outputs remain with the customer. The general terms of service and enterprise agreements must specify that ownership rights to all data, inputs and outputs of consuming the service are retained by the enterprise customer. Ownership must be retained by the customer, even in the event of a provider acquisition or bankruptcy.
-
Data Eradication - Does the SaaS solution ensure that once an enterprise deletes the data, nobody has access to it? In the notes, please provide a detailed description of how data is eradicated from the service and the time frame for that eradication once the enterprise elects to delete the data.
-
Published breach disclosure policy. To meet this criterion, the SaaS vendor must publish a breach disclosure policy that outlines who they will notify, when they will notify them, how they will notify them, and what processes the SaaS vendor will follow to protect the enterprise’s data, customers and users.
Please let me know if there are any questions or if is a better place to post this.
Cheers,