Cloudsquid complies with GDPR, as outlined in the Data Processing Agreement (DPA) aligned with EU regulations. The company is actively working towards ISO 27001 certification, targeted for completion in Q1 2025.
Encryption
Cloudsquid ensures data security with AES-256 encryption for data at rest and TLS (1.0+) for data in transit, managed by Google Cloud.
Privacy and Data Minimization
Data is processed strictly per client instructions and never used for model training. Sensitive information is anonymized or pseudonymized, with regular data minimization checks to delete unnecessary data.
Access Control
User authentication is managed via OAuth2 (Firebase integration), with token-based authorization for secure, limited access to data. Only authorized users can access specific data functions within the application.
Regular Testing
Cloudsquid plans regular vulnerability assessments and security scans. Infrastructure on Google Cloud is managed with embedded security tools, and internal audits are scheduled as part of the upcoming ISO 27001 certification process.
Continuous Monitoring
Security events are logged through Google Cloud’s centralized logging and monitoring system. Access to logs is restricted to authorized personnel, ensuring that any unusual activity is promptly addressed.
Incident Handling Protocol
The company’s protocol includes immediate notification to relevant parties in case of a data breach. This involves reporting the nature of the incident, impacted data categories, and measures taken to address it. Ongoing audits and compliance checks further support the incident response framework.
Device and Vendor Management
Device access is secured through MDM solutions, and vendor compliance is reviewed to ensure adherence to Cloudsquid’s security standards. Primary data processing occurs in Google Cloud’s Frankfurt data centers, with additional processing in Microsoft Azure’s Sweden data centers for specific tasks.
Business Continuity and Disaster Recovery
Daily backups are maintained on Google Cloud, with high availability features to ensure data resiliency. Redundant infrastructure allows automatic failover and rapid service restoration if disruptions occur.
©2024 cloudsquid GmbH, All rights reserved.