• Overview
    Key features
    • Observability
    • Auto-scaling
    • Multi-framework
    • Security
    Frameworks
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Languages
    • PHP
    • Python
    • Node.js
    • Ruby
    • Java
    • Go
  • Industries
    • Consumer Goods
    • Media/Entertainment
    • Higher Education
    • Government
    • Ecommerce
  • Pricing
  • Overview
    Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Login
  • Request a demo
  • Free Trial
Trust CentersecurityData collection

Data collection

Information about data privacy, including our Record of Processing Activities, can be found at our Privacy page.

Application logs

Application logs are those generated by the host application or application server (such as PHP-FPM). These logs are immutable to Customers to prevent tampering. They are also secured behind key-based SSH so that only the Customer and our relevant teams have access.

System logs

Platform.sh records routine system logs. We do not access Customer-specific system logs or the customer environment unless one of the following situations applies:

  1. we are requested to do so by the Customer,
  2. to fix a problem or outage,
  3. to prevent an outage, or
  4. to comply with a legal obligation.

Access logs

There are two main types of access logs: Web and SSH.

Web access logs

Application access logs are immutable to Customers to prevent tampering. These logs are secured behind key-based SSH so that only the Customer and our relevant teams have access.

SSH access logs

SSH access logs are securely stored in our infrastructure and aren’t accessible to Customers. These logs can be accessed by Platform.sh support personnel as part of an audit, if requested.

Access by Customers and Platform.sh support personnel to customer environments is logged. However, to protect Customer privacy, we only log the connection itself, not what was done during the session.

Vendor data sharing

We have identified and mapped all data we collect and share with vendors. We know what categories of data are collected and to which geographical destinations such data is transferred. All of our vendors have been assessed for security and GDPR compliance. We have the relevant Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs) in place where applicable.

Company
AboutSecurity and complianceTrust CenterCareersPressContact us
Thank you for subscribing!
  •  
Field required
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceAcceptable Use PolicyManage your cookie preferencesReport a security issue
© 2024 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺