Dataloop Security and Privacy

GDPR

GDPR

ISO 27001

ISO 27001

Dataloop is an enterprise-grade data engine that ensures the highest data standards across your entire data organization, allowing cross-functional collaboration while keeping your data access internal. Helping your teams build and deploy deep learning data pipelines with unlimited scalability and control.

The following outlines our key security and privacy measures in order to ensure all customers’ data remain private and protected, at all times:

Group 12

Privacy

We deploy custom authentication and role permission enforcement using advanced Kubernetes-powered infrastructure for on-premises or private storage deployments. Our authentication and authorization system is based on Auth0 (https://auth0.com), an industry-leading identity management platform. The goal of our user access policies is to allow organizations to implement rules-based access that works towards the principle of least privilege.

Group 30

GDPR

Dataloop complies with the GDPR ensuring that personal data is properly collected, stored, and documented. All new vendors, assets, and activities pertaining to processing personal data are subject to review of privacy and security. As new privacy and security laws that follow the GDPR’s lead are regularly being passed into law globally, we take a stringent approach to data privacy and security for all data, regardless of its source location, to meet any similar requirements, no matter their origin.

Group 14 Copy

Certifications

ISO/IEC Certification

Dataloop has received ISO/IEC- 27001:2013 & ISO/IEC 27701:2019 by The Standards Institution of Israel. In addition, Dataloop is also in the process of completing the SOC2 Type II process.

GDPR Compliant

Dataloop is compliant with the GDPR regulations and has an appointed GDPR-Rep.eu as a representative (according to Art. 27 GDPR). This provides an easy way to submit privacy-related requests like requests to access or erase any personal data.

Group 12

Security

We provide full encryption in order to keep your data constantly safe, compliant with military-grade security standards, and certified by comprehensive system audits. HTTPS is encrypted in order to increase the security of data transfer. Any user information, including login credentials, passwords, and storage access keys remain private and secured. To incentivize making security a top priority, Dataloop offers a bugs-bounty program in which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Dataloop also uses state-of-the-art firewalls and communication protocols. All external communications to and from our services can only be made via port 80/443 and are SSL/TLS encrypted. All communications to 3rd party services (Auth0, mailing services, etc.) outside of our cluster are routed using VPC tunneling.

© Dataloop Ltd. 2020