Do is a cloud-based project management, CRM, and collaboration service that is built to be simple and intuitive to use. Do is owned by Salesforce and is based in San Francisco, California USA. Do has been operating since 2011 (Sales force since 1999). You can contact support via email or their online support portal. Do encrypts all data in transit between your computer and their servers, but they may not encrypt your data while it is on their server. Do does not disclose the locations of their data centres, their expected availability, or their security certifications. However, Do is TRUSTe certified for privacy. Do specifies that they acquire “no right, title, or interest… to your content”. Upon account termination, Do will use commercially reasonable efforts to delete your contents from their service.
This disclosure was provided and researched by Arrowrock. Sources are cited where possible.
|Company Phone Number||Not available|
|Company Email Addressemail@example.com|
|Physical Address||The Landmark @ One Market, Suite 300, San Francisco, California 94105, U.S.A|
What services does this disclosure apply to?
What country holds legal jurisdiction over the service(s)?
United States if America
How long has your company been operating?
How long has your company been providing the service(s) covered in this disclosure?
Is your company currently profitable?
What are your standard customer support hours?
What channels are available for communication with clients?
Online support portal
Which is your preferred channel for client communications?
Do you collect any information from client communications?
Do has been awarded TRUSTe’s Privacy Seal. Do collects information from individuals who visit Do (“Visitors”) and individuals who register to use the Do Service (“Users”). For more information please see https://do.com/privacy
What is your standard response time for customer support inquires?
Do you proactively communicate information about future planned outages and maintenance to clients?
Do you proactively communicate information about current unscheduled outages and incidents to clients?
Do you make incident reports available to clients after major incidents?
What is the expected uptime of the service?
24 hours a day, 7 days a week, except for routine maintenance.
Has the service experienced any outages in the last 12 months?
Does the SLA guarantee service uptime?
Are logs kept of client logins and locations?
Does your service support password/account recovery?
If you can’t remember your Do password, click the “Forgot your password?” link on the log in page. Enter your email and click the button to request a new password. The password reset email will be sent to your primary email associated with Do. For more information please see http://help.do.com/customer/portal/articles/520379-how-do-i-reset-my-password-
Does the service monitor for any suspicious account activity?
Does your service offer two-step or multi-factor authentication?
Does your service offer login via other services?
Yes, login in supported using Google credentials.
Does your service secure all client data in transit?
Secure Socket Layer (SSL) technology protects Do User Data using both sever authentication and data encryption. For more information, please see https://do.com/privacy
Does your service secure client data at rest?
We will use commercially reasonable efforts to protect the security, confidentiality and integrity of Your Content submitted to the Paid Do.com Services. For more information please see https://do.com/legal
Does your service allow clients to collaborate with 3rd parties?
The Do.com Services may contain features designed to interoperate with Non-Do.com Applications. To use such features, You may be required to obtain access to such Non-Do.com Applications from their providers. For more information please see https://do.com/legal
Does your primary system reside in a data center with a security certification?
Do hosts its Web sites in a secure server environment that uses firewalls and other advanced technology designed to prevent interference or access from outside intruders. For more information please see https://do.com/privacy
Does your backup/disaster recovery system reside in a data center with a security certification?
Do you claim ownership of any client data or information uploaded to your service?
You authorize Us to host, copy, transmit, display, modify and adapt Your Content, solely as necessary for Us to provide the Do.com Services in accordance with this Agreement. Subject to the limited rights granted by You hereunder, We acquire no right, title or interest from You or Your licensors under this Agreement in or to Your Content, including any intellectual property rights therein.
For more information please see Section 6 – https://do.com/legal
Does the client retain full ownership of any data of information transmitted or stored via upstream providers?
Does client use of your service generate any metadata or other statistical information?
Do uses Data About Do Users to perform the services requested. For example, if you fill out a “Signup For Free” form, Do will use the information provided to contact you about your interest in the Do Service. For more information, please see https://do.com/privacy#yourdata
Where are the primary systems that host client data located?
Where are the backup/disaster recovery systems that host client data located?
Are there any other systems that host client data on behalf of your service?
Does the client have full access to their data during the service contract period?
Can the client freely download their data from the service during the contract period?
Can the client easily import/upload their data from a competing service provider into your service?
Does your services include an API to access client data?
Do presents a RESTful HTTP API. All calls must be securely transported over HTTPS to www.do.com. For more information please see https://developers.do.com/
Following termination of the service, will the client be able to access their data?
Following termination of the service, is all client data deleted?
Upon Your request, following contract termination and subject to applicable legal requirements, SFDC will use commercially reasonable efforts to delete Your Content from the Do.com Services to the extent You do not have the ability to do so via Your Use of the Do.com Services. For more information please see https://do.com/legal
Does anyone in your organization (including contractors and upstream providers) have the ability to directly access client data?
Does your company use client data or information for any business function (other than the provision of the service)?
Does your company use client data or information to generate revenue (other than the provision of the service)?
Do you access client data in any additional circumstance not yet specified in this disclosure?
Do you have a policy in place for dealing with data loss or breach?
Do you notify clients if their data has been lost or compromised?
Does your service support data versioning?
How often are service/client data backups performed?
What method is used to perform service/client data backups?
All networking components, SSL accelerators, load balancers, Web servers, and application servers are configured in a redundant configuration. All customer data is stored on a database served by a database server cluster for redundancy. All customer data is stored on carrier-class disk storage using RAID disks and multiple data paths. All customer data, up to the last committed transaction, is automatically backed
up to a primary tape library on a nightly basis. Backup tapes are immediately cloned to verify their integrity, and the clones are moved to secure, fire-resistant, off-site storage on a regular basis.
For more information please see http://www.salesforce.com/assets/pdf/datasheets/security.pdf
How long is backup data retained for?
The information in this report is provided “AS IS” without warranty of any kind, express or implied. Please use good judgement and verify the information you consider important before basing any decisions on it.