We completely understand that how Rewind functions and runs its practices in terms of ensuring the safety and protection of our customers' data is not only important, but a necessity.
Currently, data is stored on servers in the US for all customers located outside of Europe. As Rewind is now fully GDPR compliant, all data and customers located within Europe are now stored within a new European data center.
*However, if the customer needs the data stored in a different location, we can work with them to store it where they need it. This feature would be available on our Enterprise plans only.
With regards to data encryption, Rewind implements a few practices for keeping data safe and secure:
1. First, we use Amazon Web Services (AWS) for hosting all of the data. The data is encrypted on the disk - at REST - using AES-256 encryption.
2. Next, all connections we make to and from Shopify and/or BigCommerce - as well as to and from AWS - are encrypted. We ensure that nothing is ever sent unencrypted.
3. Finally, access to AWS is restricted to only two employees at the company, who both need to use 2-factor authentication to login.
We pride ourselves in not only providing our customers with a strong product that ensures the safety of their stores, but in the care and measures we guarantee to uphold in order to ensure the safety of their data as well.