Backup & Disaster Recovery Policy
How your data survives failures — backups, RPO/RTO targets and testing.
Company: EcomSarthi Business Solutions LLP ("EcomSarthi", "we", "us", "our")
Product: Ecom10x — One Dashboard. Every Marketplace. (the "Platform" or "Service")
Effective Date: [EFFECTIVE_DATE — e.g., 1 August 2026] · Version: [VERSION — e.g., 1.0] · Next Review: [NEXT_REVIEW_DATE — e.g., 1 February 2027]
1. Objective
To ensure Customer Data durability and Service recoverability in the event of infrastructure failure, data corruption, or disaster.
2. Backups
- Method: automated, encrypted backups of production databases on managed cloud infrastructure, plus point-in-time replication features of our database provider.
- Frequency: at least daily automated backups; continuous replication where supported by the underlying platform.
- Retention: rotated backups retained up to 90 days, after which they are purged (this also bounds post-deletion persistence — see Data Deletion Policy).
- Protection: backups are encrypted at rest, access-restricted to authorised personnel, and logically separated from production credentials.
3. Recovery Targets
- Recovery Point Objective (RPO): ≤ 24 hours (typically far lower with replication).
- Recovery Time Objective (RTO): ≤ 24 hours for full service restoration in a regional failure scenario; component-level recovery is typically much faster.
These are good-faith operational targets, not contractual guarantees unless stated in a signed enterprise agreement.
4. Disaster Scenarios Covered
Provider zone/region outages, database corruption, accidental bulk deletion by us, and destructive security incidents. Customer-side accidental deletions can be restored on request if within backup retention (verified account owner request to [SUPPORT_EMAIL — e.g., support@ecom10x.in]).
5. Testing
Restoration procedures are exercised periodically (at least annually) by restoring backups into an isolated environment and validating integrity. Deficiencies found are remediated and re-tested.
6. Dependencies
Recovery depends in part on subprocessor platforms (see Subprocessor Policy). We select providers offering high durability commitments and monitor their status channels during incidents.
Governing Law & Dispute Resolution
This document is governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, without regard to conflict-of-law principles.
Any dispute arising out of or in connection with this document shall first be attempted to be resolved amicably through good-faith negotiation within thirty (30) days of written notice. Failing amicable resolution, the dispute shall be referred to arbitration by a sole arbitrator appointed in accordance with the Arbitration and Conciliation Act, 1996. The seat and venue of arbitration shall be [JURISDICTION_CITY — e.g., New Delhi], India, and proceedings shall be conducted in English. Subject to the foregoing, the courts at [JURISDICTION_CITY — e.g., New Delhi], India shall have exclusive jurisdiction.
Contact
EcomSarthi Business Solutions LLP
[REGISTERED_OFFICE_ADDRESS OF ECOMSARTHI BUSINESS SOLUTIONS LLP]
Support: [SUPPORT_EMAIL — e.g., support@ecom10x.in] · Legal: [LEGAL_EMAIL — e.g., legal@ecom10x.in] · Phone: [SUPPORT_PHONE_NUMBER]