Security Overview

Our company implements a multi-layered security framework to ensure the highest level of protection for client data and projects, covering physical, technical, and operational domains. Below is an overview of our key security measures: 1. Physical Security Measures Facility Access Control: All offices and data centers are equipped with 24/7 CCTV surveillance, biometric access systems, and keycard‑based entry logs. Unauthorized personnel are strictly prohibited from sensitive areas such as server rooms and annotation workspaces. Secure Workstations: Dedicated workstations are used for annotation tasks, with no external storage devices permitted. All devices are physically secured and regularly inventoried. 2. Cybersecurity Policies Network Infrastructure: We deploy enterprise‑grade firewalls, encrypted VPN tunnels, and segmented networks to isolate client data environments. All data transmissions are protected via TLS 1.3+ encryption. Endpoint Protection: Every workstation and server is equipped with real‑time antivirus/malware detection, automated patch management, and intrusion prevention systems. Data‑at‑Rest Encryption: All stored data—including raw inputs, annotations, and project files—is encrypted using AES‑256 standards, both on‑premise and in cloud storage. 3. Employee Confidentiality & Data Handling Legal Agreements: All employees and contractors sign comprehensive Non‑Disclosure Agreements (NDAs) and data‑processing addendums that extend beyond their tenure. Role‑Based Access Control (RBAC): Data access follows the principle of least privilege, with permissions strictly limited to assigned projects and tasks. Continuous Training: Mandatory annual training on data privacy regulations (e.g., GDPR, CCPA), secure handling practices, and incident response protocols is conducted for all staff. 4. Audits & Compliance Third‑Party Audits: We undergo annual SOC 2 Type II audits and periodic penetration testing by independent cybersecurity firms to validate

Security Credentials