- About Contentful
- APIs
- Backup, security and hosting
- Basics
- Best practices
- Billing
- Client libraries
- Content migrations
- Content operations
- Contentful AI functionality
- Environments
- EU data residency
- Extensibility
- Legacy spaces
- Managing organizations and spaces
- Personal access tokens
- Rich text
- Search and content organization
- Security and privacy
- Single sign-on (SSO)
- SSO x509 certificate expiration
- Technology and features
- Terminology
- Two-factor authentication (2FA)
- Versioning
- Web app
- Webhooks
FAQ / Backup, security and hosting
On this page
- If I accidentally delete my data, can it be restored?
- Can I backup my data offsite?
- Is my content encrypted?
- Is Contentful reliable and secure?
- Where's Contentful being hosted?
- How will I be notified in the event of a security incident affecting me?
- Where does Contentful backup my data?
- Can I self host/download Contentful?
- Is my data backed up?
If I accidentally delete my data, can it be restored?
Enterprise customers can recover accidentally deleted spaces or environments, if requested within 25 days after the date of deletion. After 25 days, deleted spaces and their contents cannot be restored. To request this service, contact Contentful customer support with the details of the affected space or environment.
If you accidentally deleted a specific content entry from a space, we do not offer the ability to restore it. We advise that you archive content first, and only delete content after you are absolutely certain it is no longer needed.
Can I backup my data offsite?
We always do backups of all the content ourselves. You can always use the Content Delivery API (CDA) to export all of the content manually.
Is my content encrypted?
Your data is encrypted at rest in AWS S3 buckets, AWS RDS instances and block devices used by AWS EC2 instances. AES256 encryption is used by default via AWS’ encryption services, while key management is handled by AWS KMS. This ensures the content is preserved and safe from prying eyes and manipulation.
All communication between you, your services and Contentful, that includes your data, traverses the Internet via encrypted HTTPS traffic. In addition, data is also encrypted during transit between Contentful and our Content Delivery Networks (CDNs). This encryption during communication ensures information cannot be read or manipulated by unauthorized third parties.
Is Contentful reliable and secure?
Certainly. No one has the permission to edit or view your content other than the people you assign permissions to do so. In addition, your content is only accessible for applications and websites that you give access (as API key) to access your space.
We have very high security and reliability standards. The content is replicated between multiple servers in our backend and it’s backed up daily. Our global content delivery network stores the content on servers all around the world for high availability and low access times. The transmission of the content is encrypted with SSL – the same technology that’s used for online banking.
We also work closely together with the security community via our bug bounty program to quickly address any potential security issues.
Where's Contentful being hosted?
Contentful is hosted on Amazon Web Services (AWS):
Default data residency:
Primary region: AWS N.Virginia (us-east-1)
Secondary region: AWS Oregon (us-west-2)
EU data residency:
Primary region: AWS Ireland (eu-west-1)
Secondary region: AWS Frankfurt (eu-central-1)
The Contentful CDN, which is used for delivering the content, has edge nodes all around the world, ensuring rapid content delivery no matter the destination.
How will I be notified in the event of a security incident affecting me?
In the event of a security incident impacting your account or data, Contentful is committed to promptly notifying you. Notifications may be delivered through email to provide you with relevant details and guidance. We prioritize compliance with local laws and regulations regarding data breaches, ensuring that our notification processes align with the legal requirements of your jurisdiction.
Organization owners will always receive security incident notifications by default. In addition to owners, there are options to add notification recipients (up to 10). This ensures the necessary contributors within your organization are informed about security incidents. Organization administrators will have only view and edit access.
Located in “Organization settings & subscriptions,” organization owners and admins can manage this option and add recipients. Org owners and admins are the only roles with access to this functionality.
Where does Contentful backup my data?
All content and media on Contentful is automatically backed up to two physically separate data centers within Amazon Web Services:
Default data residency:
Primary region: AWS N.Virginia (us-east-1)
Secondary region: AWS Oregon (us-west-2)
EU data residency:
Primary region: AWS Ireland (eu-west-1)
Secondary region: AWS Frankfurt (eu-central-1)
Can I self host/download Contentful?
No. Contentful is a cloud-based web service that we manage. Downloading Contentful and hosting it yourself is not in our plans.
Is my data backed up?
Yes. All data stored in Contentful is subject to daily backups employing snapshots and versioning mechanisms. To ensure high data availability, we employ replication across regions using Amazon Web Services (AWS).