Skip to content
All policies

Security policy

Business Continuity & Disaster Recovery

1.0 (public summary)

Continuity and recovery objectives for Privion Intranet and PAnalytics, backup strategy, and restoration planning.

Last updated

Privion plans for continuity of Privion Intranet and PAnalytics so that hosted analytics and related services can be restored after disruption.

Backups and recovery

PAnalytics is Privion-hosted Matomo on a shared Privion-managed Azure stack (Azure West US 2). Clients may instead deploy Matomo in their own environment.

Privion acts as data processor for visitor analytics collected on clients' websites when the hosted service is in use.

Backup and disaster recovery (implemented):

  • Automated nightly MySQL logical backups (mysqldump) from Azure Database for MySQL Flexible Server
  • Cross-region copy to Azure Blob Storage in Azure West Central US (30-day retention; lifecycle-managed)
  • Documented restore procedure (provision recovery-region MySQL Flexible Server in Azure West Central US and replay latest dump)
  • Quarterly recovery test per documented procedure
  • RTO/RPO targets available on request

Privion Intranet

Privion Intranet processes documents into structured outputs via cloud AI services. Privion's processing methodology is proprietary and is not disclosed publicly to protect competitive advantage.

Continuity planning focuses on service availability and restoration of configuration rather than customer content recovery.

For third-party processing dependencies (for example, Azure OpenAI), see the Subprocessors page on the Trust Center.

  • Documents are transmitted to processing infrastructure via encrypted channels.
  • Results are returned to the client and made available for download.
  • Documents and intermediate processing artifacts are not retained persistently on Privion infrastructure after delivery.
  • No training data re-use: client data is not used to improve Privion products or third-party model services.
  • For detailed data residency and processing specifics, see the Data Processing Agreement (available under NDA).

Privileged-access program

Privion maintains documented records of GDAP relationships, PIM role assignments, and partner access procedures to re-establish client tenant administration after disruption.

Recovery playbooks cover partner center unavailability, compromised administrative accounts, and client offboarding.

Procedures are reviewed at least annually; exercise and test evidence available under NDA.

Download Trust Center PDF

Full policy under NDA

This page is a public summary for procurement and security review. The complete policy, including operational procedures and evidence references, is available under NDA. Contact security@priviontech.com to request a copy.