The Backup Policy defines how botBrains backs up critical systems and data so that information remains available and recoverable after accidental deletion, corruption, or infrastructure failure. It covers backup scope, frequency, encryption, retention, and restoration testing. This is the canonical source for backup requirements, and the Business Continuity and Disaster Recovery policy relies on it.
botBrains is not yet ISO 27001 certified. We are preparing our ISMS and writing these policies as part of pursuing certification, and we fully intend to get our controls attested.
Scope
This policy applies to all production data and systems required to operate the botBrains service, including the managed application database, object storage, and source code. botBrains runs entirely on EU cloud infrastructure, so our infrastructure providers provide and operate the backup mechanisms under their certifications. botBrains configures, monitors, and tests them. Infrastructure and provider details live in the subprocessor list.
Backup scope and method
| Data | Location | Method | Frequency |
|---|---|---|---|
| Application database (all conversation and account data) | AWS, Germany (primary region) | Point-in-Time Recovery (PITR) with continuous Write-Ahead Log (WAL) shipping, replicated to a secondary backup region in Ireland | Continuous, recoverable to any point within the last 30 days |
| Object storage (long-term store of application data) | AWS, Germany (primary region) | Provider-durable storage with versioning | Continuous |
| Source code | GitHub private repositories | Distributed version control, mirrored across developer machines | On every push |
| In-memory cache (Redis) | DigitalOcean, Germany | Not backed up; treated as transient and reconstructible from the primary database | Not applicable |
The primary database supports recovery to any point in time within the 30-day PITR window, so recovery does not depend on separate nightly snapshots as the only option.
Encryption
botBrains encrypts all backups at rest with AES-256 and in transit with TLS 1.3, identical to live production data. The Cryptography Policy defines encryption standards and key management.
Retention
botBrains retains backups for a 30-day PITR window. botBrains may extend retention during an active incident for as long as needed to investigate and restore. The Data Retention Policy governs application-level retention and secure deletion of customer data.
Data residency
botBrains runs its primary region in Germany and replicates database backups to a secondary backup region in Ireland, so the loss of the primary region doesn’t cause data loss. All backups remain within the EU, consistent with botBrains’ no-third-country-transfer commitment.
Monitoring
Provider tooling and the botBrains observability stack (Better Stack alerting, Sentry) surface backup health and failures. botBrains treats a backup or replication failure as an incident and handles it under the Incident Management Policy.
Restoration testing
Backups are only useful if they restore. botBrains performs a documented restore test that recovers the application database to a non-production environment and verifies integrity, following the Employees Only: Database Backup / Restore Test playbook and recording each test in the Employees Only: Backup & DR Test log. The restore test confirms the achievable recovery point and recovery time used by the Business Continuity and Disaster Recovery policy.
ISO 27001 mapping
| Control | Coverage |
|---|---|
| A.8.13 Information backup | Backup scope, frequency, encryption, retention, and restoration testing of production data and source code |
Review
The CISO owns this policy and reviews it at least annually and after any material change to the backup architecture, provider, or retention configuration.