RTB Global, Inc. Security Policy
Security is of the utmost importance to RTB Global, Inc. DBA Cloud9 Real Time (Company, RTB) and we store Client (Customer, User) documents in a secure, fully redundant SSAS70 Type II compliant data center backed by proven procedures to ensure that your files are as secure as possible. Our information and physical security processes and data storage environment ensure that your data is safe and secure at all times.
All data on RTB’s servers is automatically treated as private and confidential by default. Data is only accessible to others if the client provides them with access. All user access to your account is always password protected and encrypted.
Application Access Security
RTB uses established, secure password and privilege techniques to validate access to all application data. Based on user privileges that you determine, RTB screens for proper access permissions before presenting data.
RTB employs an idle time out policy from our shared environment as a security feature and to maximize the resources of our application serves. The idle time out period is set for 1 hour, however, this can be shortened based on time of day, server resource usage and other factors, but never less than 30 minutes. Our virtual server environment also has an idle our period of 1 hour, however, arrangements can be made to alter this policy. Please contact technical support if you desire to change this.
Data Storage Security
RTB stores data at a SAS70 Type II compliant data center that assures the redundancy, power and network connections needed to securely host your data and ensure the availability of information when you need it. These facilities provide a 99.9% network uptime guarantee and 24x7x365 monitoring. RTB’s infrastructure is obtained in a Statement of Auditing Standards (SAS) 70 Type II Certified hosted data center with full redundancy and load balancing. Firewall management and monitoring services are used as well as intrusion prevention systems to prevent unauthorized electronic access.
If you would like to obtain a copy of your documents for archival purposes, you can securely download all documents and files at your own convenience or order from RTB a backup of disks for a nominal fee.
RTB utilizes a SAS70 Type II compliant data center facility that employs multiple layers of physical and electronic security to provide the highest levels of deterrence and protection from unauthorized access and potential threats to your business. This comprehensive security environment consists of:
- 12+ Megawatts from San Diego Gas & Electric
- 2N and N+1 AC UPS power plants
- A/B, 120/208v, Single-phase/Three-phase circuits available
- Up to 16 KWs per rack or higher
- N+1 emergency generator configuration
- Minimum 24-hour run time fuel capacity onsite
- Full data-grade HVAC system with N+1 redundancy
- N+1 CRAC/CRAH units on data center floors
- 72 degree ambient air temperature (+/-2 degrees)
- 45% humidity (+/-5%)
- Zoned Halon fire protection in all data center suites
- Dry-pipe, pre-action double interlock fire suppression system
- Zone specific discharge
- Multiple fiber vaults with diverse entry into the data center
- Large carrier-neutral meet me room
- Option to access performance-routed blended network
- Multiple fiber providers on-site
- 24x7x365 on-site security staff
- Camera with remote door release at facility entrance – only authorized personnel are allowed to enter
- Biometric hand scanner at man trap entrance
- Card access control at all interior doors
- CCTV digital surveillance cameras with 180 days storage on all main data center areas
- Motion-detection for lighting on data center floors
- All customer equipment is registered upon arrival and can only be removed by authorized personnel
- Shipping and receiving area is isolated from the collocation floors
Personally Identifiable Information
It is always up to you whether to disclose personally identifiable information to us, although if you elect not to do so, we reserve the right not to register you as a user or provide you with any products or services. “Personally identifiable information” means information that can be used to identify you as an individual, such as, for example:
- your name, company, email address, phone number, billing address, and shipping address
- RTB user ID and password
- credit card information
- any account-customization you provide us
- your computer’s domain name and IP address, indicating where your computer is located on the Internet
- session data for your login session, so that our computer can ‘talk’ to yours
If you do provide personally identifiable information to us we will:
- not sell or rent it to a third party without your permission — although unless you opt out (see below), we may use your contact information to provide you with information we believe you need to know or may find useful, such as (for example) news about our services and products and modifications to the RTB SLA
- take commercially reasonable precautions to protect the information from loss, misuse and unauthorized access, disclosure, alteration and destruction
- not use or disclose the information except:
- as necessary to provide services or products you have ordered, such as (for example) by providing it to a carrier to deliver products you have ordered;
- in the aggregate with other information in such a way so that your identity cannot reasonably be determined (for example, statistical compilations);
- as required by law, for example, in response to a subpoena or search warrant;
- to outside auditors who have agreed to keep the information confidential;
- as necessary to enforce the SLA
- As necessary to protect the rights, safety, or property of RTB, its users, or others; this may include (for example) exchanging information with other organizations for fraud protection and/or risk reduction.
Other information we collect
We may collect other information that cannot be readily used to identify you, such as (for example) the domain name and IP address of your computer. We may use this information, individually or in the aggregate, for technical administration of our Website(s); research and development; customer- and account administration; and to help us focus our marketing efforts more precisely.
What are cookies?
A cookie is a piece of data stored on a user’s computer that identifies information about a user to a system. Cloud9 may use both session ID cookies and persistent cookies. Session based cookies are erased when you end a session with Cloud9, close your Internet Browser or turn off your computer. Persistent cookies reside on the computer until they are removed by the user within the Internet Browsers settings. A user that has settings to remove all cookies upon closing the Browser will remove all cookies session and persistent. In doing so, it may become necessary to re-enter information stored on the cookie. Cookies from Cloud9 do not hold personally identifiable information about the user.
Like most standard websites, we use log files. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. However, none of the information stored in our log files, including but not limited to IP addresses, is linked to personally identifiable information.
Offers and Updates
Our customers and users will occasionally receive information on products, services, special deals, and possibly a newsletter. Out of respect for the privacy of our users we present the option to not receive these types of communications.
Service and Maintenance Announcements
On rare occasions it is necessary to send out a strictly service related announcement, if, for instance, our service is temporarily suspended for maintenance. Generally, users may not opt-out of these communications, though they can deactivate their account. However, these communications are not promotional in nature.
Disclosure of Information
Cloud9 may use collected, aggregated, anonymous data from its users to share to potential investors or current shareholders. In such cases, only statistical information will be shared. Data in regards to personal information would only be released upon permission from the user, or a warrant.
To help protect your privacy, be sure:
- Not to share your user ID or password with anyone
- Log off the e-Dashboard, and any other RTB Website(s) and servers when you are finished
- Take customary precautions to guard against “malware” (viruses, Trojan horses, bots, ), by installing and updating suitable anti-virus software to your computer.
Notice to European Union users
RTB’s operations are located wholly in the United States. If you provide information to us, the information will be transferred out of the European Union (EU) to the United States. By providing personal information to us, you are consenting to its storage and use as described herein.
You must be at least 18 years old to use RTB’s Website(s) and service(s). RTB does not knowingly collect information from children under 18. (See the [U.S.] Children’s Online Privacy Protection Act.)
Questions or Comments