Customer Data Retention Policy
The policy for how long Alert Logic maintains customer data in its systems before permanent deletion varies according to data type. The schedule also depends on whether a customer still has an active account with Alert Logic or has ceased to have an active account. The policy is subject to individually contracted arrangements governing retention of a customer's data that has been negotiated with Alert Logic.
Some retention policies include both retention and deletion time frames. In this case, data will be deleted no sooner than the "retained for” period, and deleted no later than the "automatically deleted by” period.
Data retained after an account is deactivated is not accessible except for data export (by arrangement) or if the account is reactivated.
| Data Type | Description | Active Account Retention Policy | Inactive Account Retention Policy |
|---|---|---|---|
| Asset knowledge | Represents the documentation by Alert Logic of the customer deployments and environments such as hosts and networks | Retained indefinitely |
|
| IDS events | Input from the Alert Logic Threat Manager appliances/agents and used as a basis to create incidents | Retained for 6 months |
|
| File Integrity Monitoring (FIM) events | Input from the Alert Logic FIM feature and used to analyze actions | Retained for 12 months and automatically deleted by 13 months |
|
| Log messages | Input from the Alert Logic Log Manager appliances/agents and used to correlate with IDS events data to create incidents and analyze incidents | Retained for 12 months and automatically deleted by 13 months |
|
| Scan and compliance | Scan history and the resulting compliance results (if applicable) that are used to determine exposure/risk to a customer’s deployments and to consider against compliance initiatives such as payment card industry (PCI) |
Retained for the later of:
|
Automatically deleted by the later of:
|