
Security & Compliance
SenseCloud is designed for enterprise use with rigorous data protection and regulatory compliance controls. We act as a data processor under data protection laws (customers remain data controllers) and provide a Data Processing Addendum (DPA) covering GDPR, PIPEDA, CCPA and similar regulations. Our privacy program supports data subject rights (access, rectification, deletion, portability) and we maintain mechanisms for lawful international transfers (we are certified under the EU–US Data Privacy Framework and apply EU Standard Contractual Clauses for cross-border data). SenseCloud meets or exceeds global privacy requirements: for example, customer call recordings and transcripts are only stored with proper consent, and we provide tools for configurable data retention and secure deletion on request.
Standards and Certifications
We align with internationally recognized security frameworks. SenseCloud’s Information Security Management System follows ISO/IEC 27001:2013 guidelines (comparable to industry leaders). We also address related ISO standards (cloud security, privacy management, AI governance) such as ISO/IEC 27017/27018/27701/42001 where applicable. In addition, SenseCloud maintains an ongoing SOC 2 Type II compliance program attesting to our controls over security, availability, confidentiality, and privacy. Other third-party assurances include participation in the Cloud Security Alliance STAR registry for transparency of cloud controls. Where relevant, we map to industry regulations such as HIPAA (for health data) and PCI-DSS (for call/payment data), and provide features like automatic PII masking or tokenization to support those requirements. All certifications are kept current through annual audits.
- ISO/IEC 27001/27701: Information Security and Privacy Management aligned with global standards.
- SOC 2 Type II: Independent audit of our security controls and processes.
- Data Privacy: GDPR, CCPA, PIPEDA compliance via DPA clauses, consent tools, and Data Privacy Framework certifications.
- Cloud Security: We leverage AWS infrastructure (SOC 2, ISO 27001, PCI DSS certified datacenters) in regions of choice (US or EU).
Data Protection and Encryption
All data handled by SenseCloud is encrypted in transit and at rest using strong industry-standard protocols. We use TLS 1.2+ (HTTPS) for all network communications and AES-256 encryption for stored data. Encryption keys are managed securely (e.g. AWS KMS or HSM) with per-customer key separation (each tenant can use dedicated keys). Backup media and logs are also encrypted. No data is stored or transmitted in clear text. SenseCloud’s cloud environments are isolated in dedicated AWS accounts and VPCs, with network security controls (firewalls, private subnets) to prevent unauthorized access. For on-premise deployments, all processing occurs within the customer’s network under their physical and network controls.
- Encryption: TLS (1.2+) for data in transit; AES-256 at rest.
- Key Management: Customer-dedicated keys via AWS KMS or hardware modules; option for Bring-Your-Own-Key.
- Network Segmentation: Private VPCs, strict Security Groups/NSGs, and encrypted communications between microservices.
Access Control & Identity Management
SenseCloud enforces role-based access control (RBAC) and the principle of least privilege. User permissions are granted only as needed for each role. Administrative and developer access require strong authentication, including multi-factor authentication (MFA) on all privileged accounts. SenseCloud supports single sign-on (SAML/OAuth) integration so enterprises can use their own identity providers. Detailed access logs record every login and privilege change. Privileged accounts and API keys are rotated on a regular schedule, and unused accounts are promptly disabled.
Logging, Monitoring & Auditability
We maintain comprehensive audit trails of all system activity. Every access to customer data, every configuration change, and every security event is logged centrally and protected against tampering. These logs are retained according to SOC 2 requirements and are available for compliance auditing. SenseCloud’s security operations team monitors logs and system health 24/7, using automated SIEM and intrusion-detection tools to detect anomalies in real time. Regular reviews of audit logs and access records are conducted to ensure any irregularities are investigated.
- Continuous Monitoring: 24/7 network and application monitoring; automated alerting on suspicious activity.
- Audit Logs: Immutable logs for all access and system events; secure log storage and retention policies.
- User Activity Reports: Detailed reports on user actions, provided for customer audits.
Secure Development & Testing
SenseCloud follows a Secure Software Development Lifecycle (SSDLC). All code changes undergo formal architecture review and security sign-off before deployment. We use static (SAST) and dynamic (DAST) analysis tools in CI/CD pipelines to catch vulnerabilities early. Development and QA environments are isolated; production access is limited to hardened processes. Our release process includes automated vulnerability scanning and regression testing. Any critical issues are fixed before code is promoted.
Vulnerability Management
We proactively identify and remediate security weaknesses. Regular internal vulnerability scans and external penetration tests are performed. We engage third-party security firms annually for comprehensive pentests, and summaries are available to customers under NDA. In addition, we maintain a public Vulnerability Disclosure Program (bug bounty) to reward external researchers. All discovered issues follow a tracked remediation process, with patches applied in a timely manner.
Deployment Options: Cloud & On-Premise
SenseCloud is available as a cloud service or fully on-premise, depending on customer needs.
- Cloud Deployment: Our multi-tenant cloud is hosted on AWS in regions of your choice, benefiting from AWS’s global security and compliance infrastructure. Each customer’s data is logically isolated, and cloud instances run in customer-specific VPCs. The cloud platform is continuously hardened (OS patches, container image scanning) and inherits AWS’s physical and environmental security.
- On-Premise Deployment: For maximum data control, SenseCloud can be installed within your private environment. In this mode, all data processing (including AI model inference) happens behind your firewall. Encryption keys and data storage remain entirely under your administration. The on-premise package comes with the same software stack and security controls as the cloud version, ensuring “data-in-place” confidentiality.
Compliance and Documentation
We provide detailed compliance documentation and third-party audit reports under appropriate agreements. Customers can review our current SOC 2 report and security whitepapers. SenseCloud’s internal security policies are aligned to NIST and ISO guidelines. Data retention and deletion rules are configurable: for example, customer data is deleted promptly after contract termination (industry practice is within ~30 days).
By integrating these measures, SenseCloud meets the stringent requirements of enterprise security and compliance teams. All security controls are continually evaluated and updated to match evolving standards. For more details or specific questions, our security team can be contacted through official channels.