Information Security Considerations
Census can be used to process all kinds of data, including personally identifiable information (PII), depending on how it has been configured. This article describes the practices put in place at Census to ensure data is handled securely and efficiently. This is not a formal Service Agreement – please contact our team for more information.
Company data processed by Census
Visibility of data. Census stores credentials to access company data that are scoped to limit access to records that are used to perform synchronization through Census. Census does not retrieve data for purposes other than synchronization jobs configured by our customers. The credentials to access systems are encrypted at rest.
Data encryption. All connections between Census and data sources (e.g. AWS Redshift, Snowflake, BigQuery), as well as connections from these data sources and AWS S3, are protected by TLS encryption. All Census data stored in S3 is encrypted with AWS Server-Side Encryption (SSE).
Data storage. All data used by synchronization jobs as well as metadata about the state of synchronization jobs is stored within the company's provided data warehouse. During processing of a job, Census temporarily stores synchronization state in AWS S3 while data is in transit to external systems like Salesforce. All processed data is always deleted using redundant automated processes:
- Temporary state can only be read by a distinct AWS user with different credentials, and is cleaned up at the end of each synchronization.
- In addition, all S3 buckets are configured with lifecycle policies that automatically purge published data after 7 days, as a second line of defense against accidental data retention.
Company employees interacting with Census
Employee PII. Census stores email addresses associated with the administrators who interact directly with the Census service on behalf of your company. IP addresses associated with sessions in the Census product are deleted after 7 days.