Data Protection

In this article we address the most common questions we receive regarding data protection, ranging from the location of our servers to the protection we have in place against unauthorised third-party access.

Contents

  1. What is the location of the server where the city's data is stored?
  2. Who has access to the city's data?
  3. How is the data secured against access by unauthorised third parties?
  4. Is it possible to run ClimateView entirely on a city’s server?

What is the location of the server where the city's data is stored?

ClimateView is a SaaS application, securely hosted on the Microsoft Azure Cloud Platform. To ensure high availability and continuity of service, data is stored in two Azure regions within the EU, Dublin and Amsterdam:

https://azure.microsoft.com/en-us/global-infrastructure/data-residency

Who has access to the city's data?

Apart from the customer, only ClimateView employees have access to the data. We have appropriate controls in place to ensure only authorised staff have access to client data. All authorised staff access to data is logged and requires FIPS-approved, FIDO2-compliant two-factor authentication.

How is the data secured against access by unauthorised third parties?

ClimateView follows all the best practices to secure our clients' data against access by unauthorised third parties. In particular:

  • We prohibit the sharing of city data or metadata across other services and with third parties.
  • Any published data containing signatures or logs of the name of the author (user account) is anonymised when published, unless explicitly granted/requested by each individual.
  • We use Google Analytics in IP-anonymisation mode as a third-party analytics engine to track usage and statistics for the purpose of improving the service. Please note that we only use Google Analytics with masked and anonymised IP addresses.
  • We allow for security audits by independent third parties upon request from customers at their own expense.
  • We have a robust authentication process in place to protect access to city data and/or user accounts. The authentication process is based on:

      o method: OAuth 2.0
      o IdP: Azure Active Directory B2C
      o encryption: login with hashed password via HTTPS to Azure AD
      o session: JSON Web Tokens Session Policy Handling

We would like to point out, however, that ClimateView is an open data initiative. The customer owns all data entered into the solution. The customer has the choice to publish data. Once the data is published, it is in the public domain and is therefore shareable with third parties by default and accessible by search engines.

Is it possible to run ClimateView entirely on a city’s server?

This is unfortunately not possible. ClimateView is offered as Software-as-a-Service (SaaS), which by definition implies that the software is located on the provider's server (Microsoft Azure in our case) and that the client accesses its domain through a web browser (Firefox, Chrome, etc.). This solution also makes it possible for us to continuously improve the software (e.g. through machine learning) for the client's best user experience.