Frequently Asked Questions

International Employee Data Access

At Cotality™, transparency and trust are at the core of our client relationships. As part of our commitment to continuously improving our solutions and supporting your evolving needs, we invest in global talent to power innovation.

To help you feel confident in how your data is handled, we’ve outlined answers to some of the most common questions regarding international access and data protections.

Where will data be physically stored?

Data remains physically stored in the United States within a combination of Microsoft Azure, Amazon Web Service, and Google Cloud Platform Regions.

How will the data be accessed remotely, and what security measures are in place?

Remote access is tightly controlled and includes:

  • Cotality-managed devices only
  • VPN access with multi-factor authentication (MFA)
  • Isolated network environments
  • Automated monitoring to detect and block unusual access patterns or data movement

Can I opt out of international access or limit it to specific types of data?

International access is governed by your contract amendment and cannot be modified selectively. Limiting this access may impact on our ability to deliver full product support and service continuity per our agreement.

These practices are in place to help keep your data secure, accessible, and protected while also enabling us to continuously enhance our solutions and better support your evolving needs. If you have any questions or would like to learn more, your Client Success Manager is always here to help.

Who will have access to the data from outside the United States?

Only Cotality™ employees in the U.S., Canada, and India who are directly involved in product development and technical support have access.

  • Access is role-based and restricted to job-specific functions.
  • All personnel must pass employment verification and background checks.

How is data protected?

  • Encryption: All data is encrypted both in transit and at rest.
  • Virtual Environments: Sessions run in secure, isolated virtual machines with no local data storage.
  • Controls & Monitoring: Centralized access controls and real-time session monitoring are always in place.
  • Retention & Deletion: Data handling follows strict retention policies and secure deletion protocols per your Master Service Agreement (MSA).

What audit procedures are in place to ensure ongoing data protection?

We conduct regular internal audits to continuously monitor access controls, security protocols, and compliance with data protection procedures to ensure ongoing protection of your data. These practices are reinforced through Cotality’s SOC (System and Organization Controls) and ISO (International Organization for Standardization) certifications. These certifications are validated through third-party audits to uphold the best practices of data protection.

© 2025 Cotality. All rights reserved. Cotality™, the Cotality logo, and Intelligence beyond bounds™ are the trademarks of CoreLogic, Inc. d/b/a Cotality or its affiliates or subsidiaries.