Data Security
At Whip Around, the security and integrity of your data are paramount. We have engineered a comprehensive process for data management that ensures your information is protected by strict access controls while allowing for swift and efficient support when you need it. This document outlines our secure protocols for data recovery, deletion, and retention.
1. Data Deletion: Control and Security
Whip Around provides you with direct control over your data within the application, supplemented by a secure process for permanent deletion.
Soft Delete (User-Controlled): Within the Whip Around application, you have the ability to perform a “soft delete” on items like inspections or work orders. This action removes the item from your active view but places it in a temporary holding state, allowing you to easily recover it yourself if needed.
Hard Delete (Permanent Deletion): For permanent, irreversible deletion of data, you can submit a “hard delete” request. This process follows the same secure, multi-layered protocol outlined below for data recovery, ensuring that the action is verified, authorized, and securely executed by our team.
2. How to Initiate a Data Recovery or Hard Delete Request
We provide multiple convenient channels for you to request data recovery or permanent deletion. Our goal is to make the process simple and accessible for your team.
You can initiate a request by:
Contacting our Support Team via phone, email, or our in-app chat service.
Reaching out to your dedicated Customer Success Manager (CSM) who can formally launch the process on your behalf.
Once a request is received, it is formally logged and assigned a unique tracking identifier.
3. Our Secure, Multi-Layered Internal Process
To protect your data from unauthorized access, Whip Around operates on a principle of least privilege. Our internal data management process is strictly controlled and fully auditable.
Layer 1: Authorized Frontline Support Our frontline technical support team is equipped with a limited set of purpose-built, secure tools. These tools allow them to perform common recovery or hard delete operations. Their access is restricted only to the functions necessary to resolve standard, documented requests.
Layer 2: Senior Engineering Escalation Any request that falls outside the scope of our frontline team’s standard toolset requires formal escalation. These requests are routed to our senior engineering team through a secure, internal ticketing system. An engineer must be specifically assigned the task, and access is granted only for the duration required to fulfill your request.
Layer 3: Comprehensive Audit Trail Every action taken, from the initial customer request to the final resolution by our engineering team, is meticulously logged and tracked. This creates a permanent and unbroken audit trail for every data management operation, ensuring full transparency and accountability.
4. Data Retention Policy (Post-Service)
In compliance with our ISO policies and commitment to data privacy, all customer data is permanently deleted from our systems after the termination of our service agreement. This ensures that your information is not retained beyond the necessary period.
This structured, multi-layered approach guarantees a process that is:
Secure: Your data is protected by strict, role-based access controls and a “never trust, always verify” security model.
Efficient: Our tiered system ensures your request is immediately triaged and handled by the appropriate team for the fastest possible resolution.
Accountable: With a comprehensive audit trail, every step of the process is documented and reviewable.