Security and Data Retention

Nuvem inc. is a boutique Toronto-based Salesforce consulting firm with over 150 clients, including publicly traded, high-growth and non-profit organizations. We focus on a managed services approach which integrates us into your team, ensuring the project is well planned, sprints are relevant to business need, and adoption is managed through rapid support.

We specialize in Salesforce and cloud tools, including the following types of activities:

• Managing large complex projects involving requirements management, custom development and integrations
• Supporting deployment and adoption through rapid support and week-to-week collaboration sessions
• Architecting and implementing cloud-based infrastructure projects
• Designing and implementing service-oriented integrations between critical systems including Salesforce.com
• Using code to automate deployments and achieve a continuous delivery model
• Using, understanding and implementing security models in tools like Salesforce.com

In the course of performing these services Nuvem Inc. will need access to client systems and infrastructure, below are policy and procedures all Nuvem Inc. consultants follow:

• Nuvem inc. will never remove or alter information stored in the clients instance of Salesforce.com. Security and access to the clients instance of Salesforce is governed by the clients signed agreement with Salesforce.com. Nuvem Inc. in no way alters or impacts the normal operation of Salesforce security and access protocols.
• Work on the above activities are fully insured through robust insurance coverage, insurance certificates can be provided on request.
• Access to production applications is at the sole discretion of the client, Nuvem inc. is able to perform the above activities in any of the following: 1. A sandbox environment which contains no customer or prospect data 2. A sandbox seeded with obfuscated customer or prospect data.
• Deployments of new code and configuration is done via a Salesforce feature called “Change Sets”, after the client is satisfied with the work product, a change set will be published for deployment, and any post deployment activity will be documented.
• If the client authorizes Nuvem Inc. to perform data manipulation activities such as data updates and de-duplication, Nuvem Inc. will be required to possess the data required to perform the data update. Nuvem limits the possession of this information to must have data only and commits to providing the client a copy of all processed files and destroying local copies.
• If the client grants Nuvem Inc. access to it’s production instance of Salesforce, Nuvem will be restricted to the user rights, permissions and data access granted by that user. Nuvem urges the client to only give the level of access compliant to internal data governance and system access policies.