Data Protection

Compliance: We comply with strict privacy regulations and have an Assurance Program in place. Every year, an independent third-party auditor inspects our practices to verify compliance with General Data Protection Regulation 2016/679 (GDPR), Personal Information Protection and Electronic Documents Act (PIPEDA), and Australian Privacy Principles, among others.
Data Security: Our security practices and controls are aligned with the highest internationally recognized standards, such as ISO 27001, ISO 27017, ISO 27018, SOC 2 and SOC 3. xMatters Information Security Management System is audited semi-annually by independent auditors and is centrally managed by an experienced Information Assurance Team.
Data Hosting: Data Centers are available in 3 economic regions: North America, Asia-Pacific, and Europe. Customers can choose to have their data hosted in the same region where their service is located.
Data protection: xMatters Software as a Service (SaaS) provides an advanced set of access controls and encryption for data in transit and at rest to help customers effectively protect their information.

What type of PII does xMatters process?
Expand child menu
- To use xMatters SaaS, data controllers (our clients) only need to disclose the basic contact information required to deliver communications, such as:
  
  Name
  Email address
  Phone number
  
  From a privacy perspective, the customer is the controller of this data, and they have full control of the information, and can delete it from our platform any time they consider convenient.
Why does xMatters process customer data?
Expand child menu
- xMatters processes customer data to operate and improve our services, help customers access and use our SaaS, respond to customer inquiries, and send communication related to the services.
Who are xMatters sub-processors?
Expand child menu
- xMatters maintains an up-to-date list of the names and locations of all sub-processors used for hosting or other service-processing activities. This list can be obtained by contacting compliance@everbridge.com.
Where data is stored?
Expand child menu
- xMatters SaaS resides and stores PII in Google Cloud Platform (GCP) at the following locations:
  
  European Economic Area (EEA) and Europe-Middle East-Africa (EMEA): London (europe-west2) and Germany (europe-west3)
  
  Asia-Pacific : Australia (australia-southeast1) and Singapore (asia-southeast1)
  
  North America: South Carolina (us-east1) and Iowa (us-central1)