Security & trust, by design
DataRavn is a backup tool run by PHASES, based in Denmark.
We built it first for our own clients who needed safe backup for Podio and e-conomic, then opened it up to others who run important work on such SaaS platforms.
We are a Progress Podio Preferred Partner, and DataRavn is the backup product we trust for Podio workspaces in live client projects.
If you are looking at this page, you are already thinking about risk, audits, and what happens when someone deletes the wrong thing. This page explains how DataRavn treats your data and what you can expect from us.
Who runs DataRavn
DataRavn is built and maintained by:
PHASES
Melby Enghavevej 64
3370 Melby, Denmark VAT DK 33756445
Phases is a software development company working with large firms, public bodies and international organizations.
When you connect a SaaS app, DataRavn:
-
- Uses that app’s official API and your consent to read data.
- Backs up the items you select, such as workspaces, apps, tasks, records, files, and so on (These entries change as per the SaaS data that you are trying to backup).
- Stores reference IDs so we know what changed between backups and do not copy the same record repeatedly.
We use this data only to:
-
- Create and keep backups.
- Restore data on request.
- Run checks to make sure backups are complete and working.
We do not use your SaaS content for our own training, marketing, or unrelated analytics.
DataRavn grew out of real Podio work.
-
- We are a Progress Podio Preferred Partner.
- We run Podio for clients where projects, deals, and cases depend on Podio staying usable.
- DataRavn backs up Podio workspaces, apps, and related items so that data can be brought back when needed.
If you use Podio for CRM, project delivery, sales, or internal operations, you get a backup tool that matches how Podio actually behaves in day-to-day use, not just in theory.
You can choose how and where your backup data lives:
Phases-hosted MySQL
-
- Fast way to start.
- Managed by our team.
- No shared database between clients.
Self-hosted MySQL
-
- Runs on your own database in your own infrastructure.
- Often used when internal rules ask for on-prem or private hosting.
Enterprise setups
-
- May include fully isolated hosting and extra network limits.
- Can respect stricter rules for the region and access.
Data is stored in the region agreed with you, with options for European storage for GDPR-focused work.
We protect data in two ways:
In transit
-
- All traffic between your browser, your SaaS tools, and DataRavn uses TLS 1.2 or newer.
- This helps keep data safe from reading and tampering while it moves.
At rest
-
- Backup data and sensitive details, like stored credentials that are needed for the tool to work, use AES-256-CBC encryption at rest.
- Keys follow strong handling rules and are not kept in plain form.
DataRavn is made for teams where not everyone should be able to change backup settings.
In your account
Admins
-
- Add and manage SaaS integrations.
- Set backup plans and retention.
- Trigger restores.
Users
-
- Can see backup status and logs.
- Cannot change settings or trigger restores unless given that level.
All actions are logged with time and user, so you can see who did what and when.
Inside PHASES
-
- Only our dedicated product team of trusted staff may reach production data or infrastructure.
- Access is given for support and maintenance only, kept under review, and logged.
- Staff training includes privacy, data safety, and how to work with customer data in a careful way.
Backup timing
-
- Standard: weekly runs.
- Gold: daily runs.
- Enterprise: Timing agreed with you.
Backups are automated. Jobs that fail are retried. Issues show up in logs and can trigger alerts.
Retention
-
- Standard: 7 days by default.
- Gold: 14 days by default, with options to extend.
- Enterprise: custom retention, from short windows up to longer spans for audit use.
Restore options
-
- Bring back full workspaces.
- Restore one app, one record, or a set of files.
- See logs for each restore so you can match actions to events.
DataRavn follows a strict privacy policy.
-
- We collect account data (name, email, company) to run your account.
- We collect payment data when needed to handle billing.
- We collect usage data to keep the service stable and to improve it.
- We collect SaaS content only when you connect an integration and grant access.
You keep ownership of your data.
We process it to provide the service, meet legal duties, and protect our rights where needed.
Under GDPR and similar rules, you can:
-
- Ask to see data we hold about you.
- Ask us to correct or delete data, where that fits the law.
- Ask us to limit or object to some uses.
- Ask for data in a portable format.
You can reach us on gdpr@phases.dk to make these requests.
-
- DataRavn is run under Danish law.
- The Terms & Conditions state your rights to access and use the product.
- The Privacy Policy explains how we handle personal data.
- A Data Processing Agreement (DPA) is available so you can cover your own duties when you act as a data controller for your own clients.
For Enterprise plans, we can work with your legal and security teams on more detailed wording if needed.
To run DataRavn, we use third parties such as:
-
- Hosting providers
- Payment providers
- Some tools for logs and error tracking
Before adding a vendor, we:
-
- Check their data protection terms.
- Sign data processing terms where this is needed.
- Keep their access limited to what they must see to do the job.
We never grant third parties open access to your SaaS content without a clear reason and agreement.
We keep an eye on DataRavn and related infrastructure:
-
- Logs help us spot strange activity or technical trouble.
- Known risks feed into changes in code, hosting, or process.
- There is an incident plan for finding, containing, and fixing issues.
If an incident affects your data or your use of the service, we will inform you in line with legal duties and any contracts in place.
Security, risk, and compliance teams usually ask three things:
-
- How do you handle our data end-to-end?
- How do you prove that you follow your own rules?
- Can we have documents for our own records?
To answer that, we can provide:
-
- This security page as a first reading.
- Terms & Conditions.
- Privacy Policy.
- Data Security overview.
For Enterprise work, we can set up a call with a senior engineer who knows Podio, e-conomic, and your kind of setup, and walk through any open questions.
Talk to an engineer who works with Podio and SaaS backup every day