Data deletion is handled via our backend providers. When a volume is released back to the provider, the provider will perform a wipe on the data utilizing either NIST 800-88 or DoD 5220.22-M depending upon the offering. This wipe is done immediately before reuse.
All projects, except those hosted on Orange Cloud for Business, utilize encrypted volumes. The encryption key is destroyed when we release the volume back to the provider, adding another layer of protection.
Media destruction is handled via our backend providers. When the provider decommissions media it undergoes destruction as outlined in NIST 800-88.
Data subject deletion requests where Platform is the controller are handled via a support ticket. For contracts designating Platform as the processor, deletion requests should be sent to the controller and we will forward any that we receive.
Our product is a Platform as a Service. Platform does not directly edit customer data to ensure data confidentiality, security, and integrity. All data deletion requests for customer data must be handled by the concerned data controller.