Backup Policy

Effective Date: 6th May 2020

This Backup Policy is designed to ensure appropriate levels of integrity and availability for the data that we rely on for our business. It considers how data is protected in the event of a system failure, accidental deletion, or malicious attack.

Policy

The following general principles apply to the Trelica production environment, and also information assets that form part of Trelica's internal business processes:

  • A minimum level of backup information (together with accurate and complete records of the backup copies and documented restoration procedures) is stored in a remote location, at a sufficient distance to escape any damage from a disaster at the main site

  • Backup data is given an appropriate level of physical and environmental protection commensurate with the standards applied at the main site

  • Backups will be encrypted both in transit and at rest

  • Restoration procedures are regularly checked and tested to ensure that they are effective and that they can be completed within the time allotted in the operational procedures for recovery

  • Backup data is treated the same way as the source data from a legal perspective. Specifically backups containing personal data relating to UK/EU citizens are made and stored in accordance with UK/ EU legislation

  • Backups reflect the information retention schedule applicable to the data being being processed. Any deviation from this should be documented and approved by the information asset owner.

Where Trelica is responsible for making backups:

  • Backups are automatically scheduled daily

  • Backups are automatically checked to ensure that they were carried out. Automatic notifications are sent in case of a failure, with any such failures logged as an incident and escalated as required

  • We do not rely on being notified of failure - the notification of failure can itself fail. Manual checks are made on a regular, scheduled basis to ensure backups are being carried out successfully

  • Restoration procedures are regularly checked and tested to ensure that they are effective and that they can be completed within the time allotted in the operational procedures for recovery

  • Backups shall be retained for a minimum of 30 days

  • Reports of backup activity shall be maintained. The report shall contain the following information: Date of backup, Backup status (i.e. successful / unsuccessful), Service name

Contacting Trelica

Feel free to contact us if you have any questions about Trelica’s Backup Policy. You may contact us at [email protected] or at our mailing address below:

Trelica The Bradfield Centre 184 Cambridge Science Park Milton Road Cambridge CB4 0GA United Kingdom