This document outlines Lucidya’s position within the supply chain and its associated dependencies and responsibilities.
1. SaaS Provider:
- Primary Role: We are a Business-to-Consumer (B2B) SaaS provider delivering our software application to Companies.
2. Supply Chain Dependencies:
- Cloud Provider: Amazon Web Services (AWS) provides the underlying infrastructure for our SaaS platform.
- Software Development: We develop and maintain our application in-house using Ruby on Rails for the backend and React Javascript for the frontend. There are no external vendors for development tools.
- Identity and Access Management (IAM):
- Developers: JumpCloud is used for internal developer access control.
- Customers: Customers leverage Single Sign-On (SSO) through Auth0 using their existing email providers for authentication.
3. Data Processing:
- We store basic customer data including email addresses, names, and phone numbers.
- We collect additional data from social media platforms through authorized APIs.
- All data is encrypted at rest and in transit within our database.
5. Business Continuity and Disaster Recovery (BCDR):
- We have a BCDR plan in place with minimal impact expected from disruptions with AWS.
- As a contingency plan, we have evaluated Google Cloud Platform (GCP) as a potential alternative cloud provider.
- To ensure readiness, we conduct weekly disaster recovery training and restoration tests across all our environments. This proactive approach validates our ability to recover quickly and minimize downtime in case of an actual incident.
6. Analytics:
- We use Google Tag Manager and HubSpot ELK for website analytics.