Infrastructure And Security FAQ's
How We Ensure Availability, Security, and Data Protection.
High Availability Design for Clearooms
We use the Amazon Aurora Serverless v2 database engine in a multi-AZ setup within the Ireland Region. This architecture ensures high availability and scalability to meet fluctuating demand efficiently.
Our database is only accessed through our API Servers, which are load balanced and deployed across multiple Availability Zones (AZs) for fault tolerance. Additionally, queue worker servers, which handle asynchronous processing, are also distributed across multiple AZs, enhancing resilience.
The web platform is a static JavaScript application hosted on Amazon S3 and delivered via Amazon CloudFront, ensuring low-latency, global distribution of assets. API requests from this web application do not interact with the underlying infrastructure directly.
Our tablet and mobile apps connect to the same API and are distributed through app stores, decoupling delivery from our operational infrastructure.
Recovery Time Objective
While our infrastructure is designed for high availability and resilience, in the unlikely event of a disaster, our Recovery Time Objective (RTO) is set at three days, ensuring that the platform can be restored within this timeframe under worst-case scenarios.
Client Data Isolation
Client data is isolated at the application level using strict access controls. Each organisation's data is segregated logically within the database using unique identifiers, and comprehensive test suites are in place to validate that records are completely inaccessible to other organisations.
Retention Period for Room Booking Data
We currently retain all booking data for the duration of an active subscription. Upon termination of the subscription, all data associated with the organisation is permanently deleted.
Data Recovery on Request
Data can be recovered on request for up to 35 days following deletion. After this period, it is permanently destroyed. Recovery requests are processed manually and require coordination with your account manager to initiate.