Schedule 2: Controller-to-Controller Information for International Data Transfers

Measures of pseudonymisation and encryption of personal data

Bamboozle’s databases that store Customer Personal Data are encrypted using the Advanced Encryption Standard (AES). Customer data is encrypted in transit between the Customer’s software application and Bamboozle using TLS v1.2.

Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident

Bamboozle uses a variety of tools and mechanisms to achieve high availability and resiliency. Bamboozle’s infrastructure spans multiple fault-independent availability zones in geographic regions physically separated from one another. Bamboozle’s infrastructure is able to detect and route around issues experienced by hosts or even whole data centers in real time and employ orchestration tooling that has the ability to regenerate hosts, building them from the latest backup. DigitalOcean also leverages specialized tools that monitor server performance, data, and traffic load capacity within each availability zone and colocation data center. If suboptimal server performance or overloaded capacity is detected on a server within an availability zone or colocation data center, these tools increase the capacity or shift traffic to relieve any suboptimal server performance or capacity overload. DigitalOcean is also immediately notified in the event of any suboptimal server performance or overloaded capacity.

Processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing

Measures for user identification and authorization

Access control policies require that access to DigitalOcean assets be granted based on business justification, with the asset owner’s authorization and limits based on “need to-know” and “least-privilege” principles. In addition, the policy also addresses requirements for access management lifecycle including access provisioning, authentication, access authorization, removal of access rights and periodic access reviews.Documentation of these requirements is recorded and provided to external auditors for security certification testing.

Measures for the protection of data during transmission Measures for the protection of data during storage

Bamboozle’s databases that store Customer Personal Data are encrypted using the Advanced Encryption Standard (AES). Customer data stored by Bamboozle is encrypted in transit between the Customer’s software application and Bamboozle using TLS v1.2.

Measures for ensuring physical security of locations at which personal data are processed

Bamboozle data centers are located in nondescript buildings that are physically constructed, managed, and monitored 24 hours a day to protect data and services from unauthorized access as well as environmental threats. All data centers are surrounded by a fence with access restricted through badge controlled gates. CCTV is used to monitor physical access to data centers and the information systems. Cameras are positioned to monitor perimeter doors, facility entrances and exits, interior aisles, caged areas, high-security areas, shipping and receiving, facility external areas such as parking lots and other areas of the facilities.

Measures for ensuring events logging

Logging of service, user and security events (web server logs, FTP server logs, etc.) is enabled and retained centrally. Bamboozle restricts access to audit logs to authorized personnel based on job responsibilities. Audit logging procedures are reviewed as part of external audits for security standards.

Measures for internal IT and IT security governance and management Measures for certification/assurance of processes and products

Measures for ensuring data minimisation Measures for ensuring data quality Measures for ensuring limited data retention Measures for ensuring accountability Measures for allowing data portability and ensuring erasure

Technical and organizational measures to be taken by the [sub]-processor to provide assistance to the controller and, for transfers from a processor to a [sub]-processor, to the Customer.

When Bamboozle engages a Subprocessor, DigitalOcean and the Subprocessor enter into an agreement with data protection obligations substantially similar to those contained in this Schedule. Each Subprocessor agreement must ensure that DigitalOcean is able to meet its obligations to Customer. In addition to implementing technical and organizational measures to protect personal data, sub-processors must (a) notify DigitalOcean in the event of a Security Incident so Bamboozle may notify Customer; (b) delete personal data when instructed by DigitalOcean in accordance with Customer’s instructions to DigitalOcean; © not engage additional sub-processors without DigitalOcean’s authorization; (d) not change the location where personal data is processed; or (e) process personal data in a manner which conflicts with Customer’s instructions to DigitalOcean.