Information Security

Summary

Here is the summary version for Information Security. For a more elaborate version, please check our FAQs below.

Is my data safe with you?

• Yes, your data is safe with us. We adhere to the following principles:

Does my data remain mine?

• Your data remains yours. We do not use your data to train our own LLMs or the LLMs of third-party providers.

How transparent are you about data location?

• Transparency on data location is a priority. The LLM space is rapidly evolving with new models being released weekly. We ensure to stay updated with the latest models and their jurisdictions. By default, we prioritize models available within datacenters in the European Union (EU). Upon specific customer request, we can make models available outside the EU.

What information security standards do you follow?

• We adhere to Information Security standards such as ISO 27001. We have initiated our internal audit and will seek an external audit in the near future.

FAQ

1. How is my data protected?

• We use industry-standard encryption protocols to protect data both at rest and in transit. Our servers are hosted in secure data centers that are compliant with major security standards such as ISO 27001 and SOC 2.

• Structize BV adheres to Information Security standards such as ISO 27001. We have initiated our internal audit and will seek an external audit in the near future.

2. What encryption methods are used?

• Data at rest is encrypted using AES-256, and data in transit is secured using TLS 1.2 or higher. We continuously monitor and update our encryption standards to meet the latest security requirements.

3. How do you ensure the privacy of my data?

• We adhere to strict privacy policies and comply with regulations such as GDPR. We never share your data outside subprocessors without your explicit consent, except as required by law.

4. Is my data backed up?

• Yes, we perform regular backups of your data to ensure that it can be restored in the event of a disaster or data loss incident. These backups are encrypted and stored in multiple secure locations.

5. Who has access to my data?

• Access to your data is restricted to authorized personnel only, based on the principle of least privilege. All access is logged and monitored to ensure compliance with our security policies.

6. How do you protect against unauthorized access?

• We employ multi-factor authentication (MFA), role-based access controls (RBAC) to prevent unauthorized access. Our team continuously monitors for and responds to potential threats.

7. What measures are in place to protect against data breaches?

• Our security infrastructure includes firewalls, intrusion detection systems, and regular vulnerability assessments. We also have an incident response plan to quickly address and mitigate any potential data breaches.

8. How often is your security reviewed?

• We conduct regular security assessment. Our security policies and practices are continuously reviewed and updated.

9. What should I do if I suspect a security issue?

• If you suspect a security issue, please contact our support team immediately at [email protected]. Our egineering team will handle the security incidents in the shortest timeframe possible and will work with you to resolve the issue promptly.

10. How do you handle data deletion requests?

• You can request the deletion of your data at any time by contacting our support team through [email protected]. We will ensure that your data is permanently removed from our systems in accordance with our data retention and deletion policies.

11. Can I get a copy of my data?

• Yes, you can request a copy of your data at any time. We will provide it in a secure, machine-readable format within a reasonable timeframe.

12. Do you offer data residency options?

• Our platform is hosted in the European Union for GDPR reasons. It is accessible worldwide. For our LLMs we prioritize by default models available within datacenters in the European Union (EU). Upon specific customer request, we can make models available outside the EU.

13. How is user access managed and monitored?

• User access is managed through role-based access controls (RBAC). We regularly review access logs and permissions to ensure that users have the appropriate level of access.