Data Security

Data at Rest & in Transit

All data stored in the Zenoo platform is encrypted using AES-256, ensuring unauthorised access is prevented.

All data transmissions are secured using TLS 1.2 or higher.

Key Management

Encryption keys are managed securely through Key Management Service (KMS), enforcing strict access controls. Custom keys (CMK) are provisioned to be used by relevant service data encryption at rest.

Retention

Onboarding journey data including PII is not stored permanently by Zenoo services. It’s kept for a limited period of time for the onboarding process. Once the onboarding journey is complete, the execution related data is removed.

This execution data retention is configurable in the hub backend instance (execution config). It’s 15 minutes by default.

Besides execution retention, there’s also a feature called sharable token which supports the API init functionality which is used to initialise the onboarding journeys. It has a time to live (TTL) duration which is set in Studio. It can be an hour or a day. Maximum allowed duration is 7 days.