# Cloud Hosting

Cronofy holds data in line with the [Cronofy Data Management policy](/policies/data-management/index.md).

This page describes in more detail how Cronofy uses cloud services as part of
that.

## Data centers
Cronofy provides [six data centers around the world](/developers/data-centers/index.md) hosted by [Amazon Web Services (AWS)](https://aws.amazon.com/).

Per [AWS's Cloud Security guidance](https://aws.amazon.com/compliance/shared-responsibility-model/):

- AWS is responsible for the security **of** the cloud

- Cronofy is responsible for the security **in** the cloud

Cronofy uses AWS in line with [AWS's Well-Architected framework](https://aws.amazon.com/architecture/well-architected/),
with all changes made via version-controlled processes.

### Environment segregation
All environments run within their own AWS account to ensure strict boundaries
are in place beyond running within their own [Virtual Private Cloud
(VPC)](https://aws.amazon.com/vpc/).

```mermaid
flowchart TB
  Employees--Authentication-->organization
  subgraph management
    management-vpc[VPC]
  end
  organization(Organization account)--AssumeRole-->management
  subgraph nonprod
    nonprod-vpc[VPC]
  end
  subgraph prod-au
    prod-au-vpc[VPC]
  end
  subgraph prod-ca
    prod-ca-vpc[VPC]
  end
  subgraph prod-de
    prod-de-vpc[VPC]
  end
  subgraph prod-sg
    prod-sg-vpc[VPC]
  end
  subgraph prod-uk
    prod-uk-vpc[VPC]
  end
  subgraph prod-us
    prod-us-vpc[VPC]
  end
  organization--AssumeRole-->nonprod
  organization--AssumeRole-->prod-au
  organization--AssumeRole-->prod-ca
  organization--AssumeRole-->prod-de
  organization--AssumeRole-->prod-sg
  organization--AssumeRole-->prod-uk
  organization--AssumeRole-->prod-us
```

Employees authenticate with a central AWS account before assuming a delegated
role in other AWS accounts.

Each environment operates as an entirely separate instance, with no personally
identifiable information (PII) flowing between them.
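
One way to check that the delegated roles described above can only be assumed from the central account is to inspect each role's trust policy. The following is an added example, not Cronofy's own code: the account IDs, the `deploy` role name and the helper names are constructed for illustration, and it is meant for employee-delegated roles only, so service principals are reported as findings.

```python
# Constructed 12-digit account IDs; the page does not publish real ones.
ORG_ACCOUNT = "111111111111"      # central "Organization account" in the diagram
NONPROD_ACCOUNT = "222222222222"  # the "nonprod" account in the diagram

def _as_list(value):
    # IAM accepts either a single value or a list in most policy fields.
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    # Account ID from a bare ID or an ARN such as arn:aws:iam::<id>:root.
    if principal.isdigit() and len(principal) == 12:
        return principal
    parts = principal.split(":")
    return parts[4] if len(parts) >= 6 and parts[0] == "arn" else None

def trust_violations(policy, trusted_account=ORG_ACCOUNT):
    """Reasons a delegated role can be assumed from outside the central account."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        actions = _as_list(stmt.get("Action", []))
        if stmt.get("Effect") != "Allow" or not any(
                a in ("sts:AssumeRole", "sts:*", "*") for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            findings.append("any principal may assume the role")
            continue
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind != "AWS":
                    findings.append(f"non-account principal {kind}:{value}")
                elif value == "*":
                    findings.append("any AWS principal may assume the role")
                elif _account_of(value) != trusted_account:
                    findings.append(f"principal outside central account: {value}")
    return findings

def make_policy(principal):
    # Build a constructed trust policy document for the given Principal element.
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "sts:AssumeRole", "Principal": principal}]}

if __name__ == "__main__":
    ok = make_policy({"AWS": f"arn:aws:iam::{ORG_ACCOUNT}:root"})
    bad = make_policy({"AWS": [f"arn:aws:iam::{ORG_ACCOUNT}:root",
                               f"arn:aws:iam::{NONPROD_ACCOUNT}:role/deploy"]})
    print(trust_violations(ok), trust_violations(bad), sep="\n")
```

A role in a production account that also trusts the nonprod account, as in the second sample, is the kind of cross-environment path the per-account boundary is meant to rule out.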

### Environment resilience
All environments leverage three Availability Zones in the region they operate
within. This ensures resiliency in the face of power outages and similar
incidents within an individual zone.

Managed AWS services used by Cronofy are also configured to run across multiple
Availability Zones.


