Panopta infrastructure runs on the Google Cloud Platform, and falls under the same compliance as GCP. The following links provide deeper information on security and compliance maintained by Google:
Google Security ModelGoogle Infrastructure Compliance Overview
All data is encrypted in transit using industry best TLS 1.2 encryption.All data is also encrypted at-rest using 256-bit AES. This includes all authentication information used for performing synthetic and application checks.
Panopta retains data related to servers and devices (names, IP's, etc.), system metrics, check results, and outage/incident related information.
Outages, Incidents, and hourly aggregates of all metrics are stored indefinitely. 60-second resolution of data is stored online for 3 months and then rotated and archived.