We take the security and privacy of your data seriously. Here’s how we ensure your data remains protected:
Data Encryption
- All data in transit is encrypted using industry-standard TLS protocols
- Data at rest is encrypted using AES-256 encryption
Data Minimization
- We only collect and process data that is necessary for the specified purposes
- Regular data audits ensure we maintain only essential information
User Rights
- For users to access, correct, or delete their personal data, just contact privacy@sonant.ai with the request, we will get back in 2-3 business days. Refer to Data Subject Access Request.
Breach Notification
- Robust incident response plan in place
- Capability to notify relevant authorities and affected users within 72 hours of a data breach
Data Processing Agreements
- We maintain GDPR-compliant data processing agreements with all our sub-processors
Privacy by Design
- Security and privacy considerations are built into our product development lifecycle
- Regular privacy impact assessments are conducted
Employee Training
- All employees undergo regular security and data protection training
- Strict internal policies on data handling and confidentiality
International Data Transfers
- We ensure appropriate safeguards are in place for any data transfers outside the EU/EEA
Retention Policies
- Clear data retention policies are in place
- Automated systems to ensure data is not kept longer than necessary for business or to provide the service as stated in the Master Service Agreement and Data Protection Agreement
We are committed to ongoing compliance and regularly review and update our security measures to align with industry best practices.
For more detailed information, please contact security@sonant.ai.