Customer Data Retention Policy
The policy for how long Alert Logic maintains customer data in its systems before permanent deletion varies according to data type. The schedule also depends on whether a customer still has an active account with Alert Logic or has ceased to have an active account. The policy is subject to individually contracted arrangements governing retention of a customer's data that has been negotiated with Alert Logic.
Some retention policies include both retention and deletion time frames. In this case, data will be deleted no sooner than the "retained for” period, and deleted no later than the "automatically deleted by” period.
Data retained after an account is deactivated is not accessible except for data export (by arrangement) or if the account is reactivated.
| Data Type | Description | Active Account Retention Policy | Inactive Account Retention Policy |
|---|---|---|---|
| Asset knowledge | Represents the documentation by Alert Logic of customer deployments and environments such as hosts and networks | Retained indefinitely |
|
| IDS events | Threat intelligence inputs captured from Alert Logic appliances/agents and used as a basis to create incidents | Retained for 6 months |
|
| File Integrity Monitoring (FIM) events | Events captured from the Alert Logic FIM feature and used to analyze actions | Retained for 12 months and automatically deleted by 13 months |
|
| Log messages | Log data captured from the Alert Logic appliances/agents and correlated with IDS events data to create and analyze incidents | Retained for 12 months and automatically deleted by 13 months |
|
| Scan and compliance | Scan history and the resulting compliance results (if applicable) that are used to determine exposure/risk to a customer’s deployments and to consider against compliance initiatives such as payment card industry (PCI) |
Retained for the later of:
|
Automatically deleted by the later of:
|