LEGEND DYNASTY PTE.LTD. and its affiliates (hereinafter referred to as “EdgeNext” or “we”) value the data security of our customers. As a cloud service provider, EdgeNext provides various activities and services in compliance with relevant data protection laws and regulations and provides customers with a stable, secure and data-friendly cloud environment. Adhering to the concept of providing customers with adequate data protection, we are committed to becoming a stable, reliable, secure and reliable cloud partner with sustainable evolution.
If customers have any questions about this Statement or other related matters, please contact us as follows. We will provide you with further instructions and explanations to meet your needs.
Email: info_apac@edgenext.com
Service-Hotline: +65 68718812
Address: 1 Pickering Street, Level 8, Great Eastern Centre, Singapore 048659
1.1. Customer data refers to the data stored in the EdgeNext server by the customer due to the use of EdgeNext services, including but not limited to text, audio, video or images.
1.2. The customer data does not include the customer’s EdgeNext account data and the data generated by the customer using EdgeNext services, this type of data does not apply to this statement; the customer can click on the “EdgeNext Privacy Policy” to understand our processing policy of such type of data, including the collection, use, storage, sharing and other specific information.
2.1. Customer Data is controlled and managed by the Customer, who is the controller of such data. We do not access or use customer data unless otherwise required by law or mutually agreed. Customers decide for themselves how they control customer data. We will carry out the corresponding data processing activities in strict accordance with the written instructions of the customer.
2.2. Customers have full control over customer data and should correctly and comprehensively identify cloud data, select appropriate services and formulate security and data protection policies to protect personal data. Customers should perform security configuration work according to business and data protection requirements to ensure that the processing of customer data complies with the requirements of relevant laws and regulations on data protection.
2.3. Customers can take security protection measures for the computer information systems they use in accordance with the relevant country regulations and EdgeNext service rules, such as installing special products for computer information system security approved by the country. Customers can also choose to manage their own encryption keys according to the encryption functions we provide.
We strictly implement this statement and the relevant commitments we have made and ensure customer data security from the full life cycle of data use, storage, and disclosure through data security technology and security management measures.
3.1 Use
3.1.1 We always play the role of providing basic support for customers and will not access or disclose customer data except in other cases mentioned in this statement. We prevent unauthorized access or disclosure of customer data through reliable and sophisticated technical and physical controls and strict internal management systems.
3.1.2 Customers manage their own access to and use of customer data. We will provide a range of access, encryption and logging capabilities that can effectively help customers achieve this goal.
3.2 Storage
3.2.1 In order to ensure the security and stability of the service, if customers use our cloud storage products, we will provide customers with multiple storage copies and backup services. We may perform irregular upgrades and migrations of EdgeNext’s computer room, server, bandwidth, database and other products. When major changes are involved (such as computer room migration), we will notify customers in advance.
3.2.2 According to the agreement reached between EdgeNext and the customer, customer data will be retained for a reasonable period of time after the expiration or termination of the service, and the customer must complete the migration of customer data before the expiration of the retention period. After the retention period expires, unless otherwise stipulated by law, the EdgeNext service system will automatically delete all customer data and account information of the customer, and all data after deletion cannot be recovered.
3.3 We have established data centers around the world to meet the multiple deployment needs of our customers. When cross-border transmission is involved in the operation and provision of services, we will follow local regulations and requirements, such as signing data transmission agreements, obtaining explicit consent from customers, etc., to ensure the legality of data transmission and subsequent processing.
3.4 Disclosure
Unless otherwise required by law, we will protect customer data in accordance with the law and will not disclose customer data without authorization.
4.1 Based on years of experience, EdgeNext has built a strong data security guarantee system, and complies with the compliance requirements of different countries and industries and builds a complete information security management mechanism to provide customers with cloud services that are trustworthy. We are continuously advancing the data protection security assurance plan of the construction system to help customers establish and operate security protection and control processes to achieve security assurance.
4.2 EdgeNext provides customers with a variety of data protection technologies, including access control and identity authentication, data encryption, logging and auditing and related enhanced technologies, as well as various services of EdgeNext based on this, to help customers according to business needs. data protection. We will endeavor to implement the following safeguards:
(1) Strict management and control measures are taken for the data retained in the EdgeNext platform, and in order to ensure data security, unified management of access, authentication, authorization, storage, and auditing is carried out.
(2) Implement role-based access control rights management for the rights of operation and maintenance personnel, grant corresponding rights according to job requirements and conduct regular monitoring to ensure that access rights match job requirements.
(3) Regularly conduct retrospective audits on logs, and review personnel operations to check the rationality and necessity of personal data operations.
(4) Conduct due diligence and data security assessment on suppliers providing data processing services as required, and the contracts signed with them will clarify the data protection obligations of suppliers as processors/sub-processors and the requirements of applicable laws and regulations. requirements to ensure that suppliers meet customer data protection requirements.
(5) Equipped with a professional team to fully respond to customers’ requests related to data protection, complete the request processing within the specified time after receiving the customer’s request, and feedback the processing results to the customer. In the unfortunate event of a data breach, we will fully fulfill our legal obligations, disclose it in a timely manner, and implement emergency plans and recovery procedures to minimize the impact on customers.
4.3 We make continuous efforts to take more secure physical and technical measures and strengthen security management to protect customer data. When customers use EdgeNext services, we provide encryption functions for customer data in transmission and storage according to customer needs, and support customers to choose to manage their own encryption keys.
4.4 We have obtained information security management system certificationISO27001, quality management system certification ISO9001, information technology service management system certification ISO20000, privacy information management system compliance evaluation ISO27701, business continuity management system certification ISO22301, personal identifiable information security management system certification ISO27018, cloud services Information security management system certification ISO27017, compliance management system certification ISO37301 and other certifications for information security management activities related to technical services such as cloud distribution, with the corresponding security competence.
APAC Region
info_apac@edgenext.com
+65 6612-7376
North America Region
info_na@edgenext.com
Seattle Office
+1 (800) 260-5186
EMEA Region
London Office
info_emea@edgenext.com
+44 (0) 20 3105 5587
Dubai Office
info_mena@edgenext.com
