At Domino Data Lab, we believe that models and data are core to the success of a business. In light of GDPR, which comes into effect on May 25, 2018, we have been working to ensure that customers understand what this new legislation means in terms of their business, and their relationship with Domino.
Domino Data Lab interacts with personal data in two ways:
- The content of data files and results of data science activities performed by users of Domino.
- The personal data of users of the platform (name, email address and IP address).
How does Domino Data Lab interact with data loaded into the platform?
The Domino platform does not systematically access or process the contents of files loaded into the system. As a Domino customer, your users may upload data (including personal data) to do data science. In that case, as computations are performed, our sub-processors such as AWS will process the data as you specify.
How does Domino Data Lab use the personal data of users of the platform?
A variety of logging and performance tools are used to allow us to provide better support and improve the product. As a part of these logs, user ID’s are often used to connect the logs to the specific conditions of the errors and enable proactive support when possible.
How long does Domino Data Lab retain personal data?
Domino’s Data Retention Policy states that it will only retain user data, and the contents of any hosted environment for 90 days following the closure of the last account with a given customer. If the deletion or return of specific data is required in advance, a request can be filed with our support team following the format as specified on the knowledge base.
Where are Domino Data Lab’s servers located?
Domino’s servers are operated by Amazon Web Services in the United States and Europe.
Does Domino Data Lab give me the option to delete or return personal data?
Customers can request the return or deletion of their data at any time by following the format as specified on the knowledge base.
What can I be doing to ensure my configuration of Domino is optimal for GDPR?
- Follow your company’s best practices for tagging or commenting on projects or files which include or reference personal data. At minimum, personal data should be tagged as personal data.
- Implement audit logging on all databases outside of Domino if you are accessing these sources from Domino.
- Isolate databases inside of Domino to their own project. Then that project can be shared to other projects when required.