Ortto takes storage of your data very seriously and we take several measures to ensure that you do not experience any data loss when using our products.
Ortto regularly tests restores from our backup system in accordance with our Backup recovery policy and Disaster recovery plan.
Data is replicated across multiple data centers
Ortto runs two databases and for both, the data is replicated across 3 separate Amazon Web Services (AWS) data centres, each located in different regions. Therefore, it would take multiple data centres to fail, thereby preventing the databases housing your data from being read and written to. A data loss across all regions has never happened before. See Disaster recovery plan for what will happen if it does.
In addition to this data replication, both databases are configured to be automatically backed up on a regular basis. The primary database that stores your customer data, is backed up once per day, and the secondary database that stores email campaigns, statistics, and other meta data, is backed up every 6 hours.
In addition, secure copies of the backups are made daily on a different cloud computing providers, so in the event that AWS were to completely fail, the entire system can be restored in reduced time, and you would never lose your data.
Backup retention and GDPR
Ortto retains backups for a maximum of 30 days. This length of time was chosen because if you receive a GDPR request to remove data from your database, it will automatically be removed from backups within the mandatory time of 30 days without having to manipulate the backups themselves.