Skip to content

Disaster Recovery

This policy defines how Ouva restores critical systems and data following a major disruptive event. Ouva’s infrastructure relies on managed cloud platforms (Supabase, Netlify) that provide built-in redundancy, automated backups, and provider-managed failover capabilities.

Disaster recovery planning supports:

  • Restoration of critical customer-facing services
  • Preservation and recovery of required data
  • Controlled return to normal operations with validated integrity

Recovery time and recovery point targets are informed by provider capabilities and support commitments.

Disaster recovery procedures may be activated when one or more conditions occur:

  • Prolonged outage affecting critical service availability
  • Regional infrastructure failure or loss of primary environment
  • Data corruption or destructive event that cannot be handled by standard incident playbooks
  1. Assess: Confirm event scope, impact, and affected systems.
  2. Contain: Stabilize systems and prevent additional impact.
  3. Recover: Restore from backups, fail over to provider-managed alternate infrastructure, or rebuild critical services.
  4. Validate: Verify functionality, security controls, and data integrity.
  5. Resume: Transition back to normal operations and close emergency status.
  • A designated incident owner coordinates activation decisions, restoration tasks, and customer communication.
  • Responsibilities are assigned based on event scope, with clear ownership for technical recovery and stakeholder updates.
  • External advisors or provider support channels are engaged when needed.
  • Backup and restore procedures are tested on a recurring basis.
  • Disaster recovery runbooks are reviewed and updated after exercises and real events.
  • Lessons learned are tracked through post-incident review actions.

For platform infrastructure and service architecture, see Architecture Diagram. For provider-level backup and recovery capabilities, see Third-party Services.