8. Data Privacy
At Thru, we recognize that privacy is fundamental to the trust our customers place in us. Our commitment to protecting your data privacy is unwavering and forms a cornerstone of our business ethics and operations.
We understand that as a Managed File Transfer service provider, we are entrusted with sensitive and confidential information. This responsibility drives us to implement rigorous privacy measures that go beyond mere compliance with legal requirements.
Our privacy practices are designed to align with global privacy standards such as the General Data Protection Regulation (GDPR). We continuously monitor the evolving privacy landscape to ensure our policies and practices remain at the forefront of data protection.
Key aspects of our privacy commitment include:
- Transparency in our data collection and usage practices
- Implementing technical and organizational measures to protect your data
- Empowering our customers with control over their data
- Cultivating a culture of privacy awareness among our employees
This section of our Security Whitepaper outlines the specific measures and policies we have in place to uphold this commitment. It demonstrates how privacy considerations are deeply embedded in our services, from the initial design phase through to daily operations.
We believe that strong privacy protections are not just a legal obligation, but a crucial element in building and maintaining the trust that is essential to our business relationships. Our goal is to provide you with the peace of mind that your data is not only transferred securely but also handled with the utmost respect for privacy at every step.
8.1 Data protection measures
We implement stringent data protection measures to ensure the privacy of our customers' information. Our approach combines technical safeguards, operational procedures, and privacy-enhancing technologies.
- Data Minimization: We collect and retain only the data necessary for providing our services.
- Encryption: All personal data is encrypted at rest and in transit using industry-standard protocols.
- Access Controls: Strict role-based access controls limit data access to authorized personnel only.
- Data Segregation: Customer data for multi-tenant instances are logically segregated through multiple isolation approaches, including row-level security in SQL databases, using separate databases per customer in MongoDB, and maintaining unique storage accounts per customer in Azure to prevent unauthorized access and cross-contamination.
- Data Processing Agreements: We maintain robust agreements with all sub-processors, ensuring they adhere to our privacy standards.
- Data Subject Rights Management: We have implemented efficient processes to handle data subject requests (access, rectification, erasure, etc.).
- Privacy Training: All employees undergo regular privacy training to ensure awareness and compliance with data protection policies.
- Data Sovereignty: Data localization options are available for customers with specific geographic requirements.