Droplr services and data are hosted in Amazon Web Services (AWS) facilities (us-west-2) in the USA.
Droplr was built with disaster recovery in mind. All of our infrastructure are spread across 3 AWS availability zones and will continue to work should any one of those data centers fail.
All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.
Droplr makes snapshot-based backups of datastores that contain customer and drops data. Backups are stored in at least two geographically separated locations. We produce audit logs for all activity and use ELK stack and Google BigQuery for log and abuse analysis. AWS S3 is used for archival purposes.
Droplr implements a protocol for handling security events which includes escalation procedures, rapid mitigation and post mortem. All employees are informed of our policies.